Re: switch summit extreme plus static permanent arp table

[Arjuna Scagnetto <arjuna () ts infn it>]

thanks for the help, i've found realy interestin arp* :)

even if at the very end i've got what i was looking for, and now it 
seems that the arp table is static and permanent, forbidding the arp 
poisoning, maybe the <enable snmp-traps mac-security> command was 
fundamental, even if i've found only a little refence about this command 
at the end of only one page, written in smal small characters.

In any case, Arp* is  very usefull, because it keeps track of who has 
tried arppoisoning.

Thanks
Arjuna

Machiavel wrote:
> And if you are working with Windows and AD you can simply send the
> changes via a script to all your user. I don't think you even need AD
> to send an "opening" script.
>
> cheers
>
> --
> Machiavel
>
> On 11/27/06, Lall, Navneet Singh <nlall () ipolicynetworks com> wrote:
> > Hi,
> >
> > You can stop mac address learning by using static arp tables. But this
> > Has an disadvantage that you need to update it whenever you change the
> > ip to mac mapping. However most of the time changes are not frequent.
> >
> > Navneet Singh
> >
> > -----Original Message-----
> > From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> > On Behalf Of tannhauser
> > Sent: Tuesday, November 28, 2006 4:07 AM
> > To: security-basics () securityfocus com
> > Subject: Re: swicth summit extreme plus static permanent arp table
> >
> > Hi,
> >
> > On Sat, 25.11, 11:39, Arjuna Scagnetto wrote:
> > > Hi guys,
> >
> > > can someone tell me how to stop the switch, a summit extreme 400-48t,
> > from
> > > learning new mac-address.
> >
> > Not a direct answer, but arpstar (arpstar.sourceforge.net) can prevent
> > the (linux) computers in your network to get fooled.
> > Btw, does anyone know about anything else that actually can stop -not
> > just detect- arpspoofing?
> >
> > tannhauser