Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!howland.erols.net!news.nacamar.de!news.apfel.de!nntp.uio.no!in1.nntp.cais.net!jupiter.dnai.com!news From: Karl Wiebe <karl@dnai.com> Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Ip's and ifconfig Date: 3 Jan 1997 18:43:08 GMT Organization: DNAI ( Direct Network Access ) Lines: 26 Message-ID: <5ajjvs$b64@jupiter.dnai.com> References: <32CCF094.41C67EA6@corpex.com> NNTP-Posting-Host: sol.dnai.com Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 1.1N (X11; I; SunOS 4.1.4 sun4m) X-URL: news:32CCF094.41C67EA6@corpex.com Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:33538 Neil Fowler Wright <neil@corpex.com> wrote: >Hi, > If we have several machines on our network (Ie sames class C block from >the same hub and router), all with the clients having root priviledge. >How do we stop a client from allocating the ip number of another clients >machine, or for that matter any other IP number >in that Class C block. This isn't particularly related to FreeBSD, but in the general case, you can't. Ethernet being a shared medium ( I assume you use Ethernet ), packets can contain practically anything. If you have certain "smart" Ethernet hubs, you can set them up to only accept one specific MAC address on a given port, and you could combine this with a router ( which could be a FreeBSD box "with benefit of source" ) that refused to honor ARP broadcasts in the normal way, and insisted on its own mapping. So, if the only way out of that LAN segment was through the router, this would enforce the correct IP. This is pretty convoluted, though. --Karl -- == Karl Wiebe == karl@dnai.com == "Order is a form of repetition compulsion" --Freud "Order is a form of repetition compulsion" --Freud "Order is a form of repetition compulsion" --Freud