Security Basics mailing list archives
Re: swicth summit extreme plus static permanent arp table
From: Machiavel <pierreluc.giguere () gmail com>
Date: Tue, 28 Nov 2006 08:33:48 -0500
It wont prevent the switch from learning macs but you can actually do a batch file of some sort to put static ARP tables on your clients. I always do this for small (uneder 20 clients/servers) networks. hope it helped someone -- Machiavel On 11/25/06, Arjuna Scagnetto <arjuna () ts infn it> wrote:
version=3.1.3
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on dawn.ts.infn.it
Resent-Message-Id: <20061127160316.557DB236F6D () outgoing3 securityfocus com>
Resent-Date: Mon, 27 Nov 2006 09:03:16 -0700 (MST)
Resent-From: security-basics-return-42007 () securityfocus com
Hi guys,
can someone tell me how to stop the switch, a summit extreme 400-48t,
from learning new mac-address.
i've tried
conf port etc etc lock-learning
crete fdbentry <IP> <MAC> port <port>
disable learning port <PORT>
but the mitm arppoisoning attack is still permitted!!
it has one static entry a during the attack a new dymanic antry is added
Thanks to everyone
Arjuna
Current thread:
- swicth summit extreme plus static permanent arp table Arjuna Scagnetto (Nov 27)
- Re: swicth summit extreme plus static permanent arp table tannhauser (Nov 27)
- RE: switch summit extreme plus static permanent arp table Lall, Navneet Singh (Nov 28)
- Re: switch summit extreme plus static permanent arp table Machiavel (Nov 29)
- Re: switch summit extreme plus static permanent arp table Arjuna Scagnetto (Nov 30)
- RE: switch summit extreme plus static permanent arp table Lall, Navneet Singh (Nov 28)
- Re: swicth summit extreme plus static permanent arp table tannhauser (Nov 27)
- Re: swicth summit extreme plus static permanent arp table Machiavel (Nov 28)