nanog mailing list archives

Re: Interesting new spam technique - getting a lot more popular.

From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 14 Jun 2006 17:49:15 +0200


* Christopher L. Morrow:

On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote:


http://thespamdiaries.blogspot.com/2006/02/new-host-cloaking-technique-used-by.html

    * Monitor your local network for interfaces transmitting ARP
responses they shouldn't be.


how about just mac security on switch ports? limit the number of mac's at
each port to 1 or some number 'valid' ?


The attack is not visible at layer 2, so this won't help.  You need
static ARP tables on relevant hosts, but even that is only a stopgag
measure.  Better invest into one (virtual) router port per customer
host. 8-/

Current thread:

Re: Interesting new spam technique - getting a lot more popular., (continued)
- - - Re: Interesting new spam technique - getting a lot more popular. Danny McPherson (Jun 19)
    - Re: Interesting new spam technique - getting a lot more popular. chuck goolsbee (Jun 15)
    - Re: Interesting new spam technique - getting a lot more popular. Matt Buford (Jun 15)
    - Re: Interesting new spam technique - getting a lot more popular. chuck goolsbee (Jun 15)
    - Re: Interesting new spam technique - getting a lot more popular. Chris Adams (Jun 15)
    - RE: Interesting new spam technique - getting a lot more popular. andrew2 (Jun 15)
    - RE: Interesting new spam technique - getting a lot more popular. Lincoln Dale (Jun 14)
    - Re: Interesting new spam technique - getting a lot more popular. Florian Weimer (Jun 14)
    - Re: Interesting new spam technique - getting a lot more popular. Richard Z (Jun 15)
  - Re: Interesting new spam technique - getting a lot more popular. Chris Edwards (Jun 14)
  - Re: Interesting new spam technique - getting a lot more popular. Florian Weimer (Jun 14)
- RE: Interesting new spam technique - getting a lot more popular. John van Oppen (Jun 13)
  - Re: Interesting new spam technique - getting a lot more popular. Payam Chychi (Jun 13)
  - RE: Interesting new spam technique - getting a lot more popular. Edward B. DREGER (Jun 13)
- RE: Interesting new spam technique - getting a lot more popular. John van Oppen (Jun 14)
  - Re: Interesting new spam technique - getting a lot more popular. Warren Kumari (Jun 14)
    - Re: Interesting new spam technique - getting a lot more popular. Mark Smith (Jun 15)
- RE: Interesting new spam technique - getting a lot more popular. Church, Chuck (Jun 14)
  - Re: Interesting new spam technique - getting a lot more popular. Patrick W. Gilmore (Jun 14)
  - RE: Interesting new spam technique - getting a lot more popular. Christopher L. Morrow (Jun 14)
- RE: Interesting new spam technique - getting a lot more popular. Peter Phaal (Jun 15)