*BSD News Article 86221


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!howland.erols.net!news.mathworks.com!fu-berlin.de!news.apfel.de!nntp.uio.no!news.uoregon.edu!Symiserver2.symantec.com!news
From: tedm@agora.rdrop.com
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: Ip's and ifconfig
Date: 4 Jan 1997 20:26:47 GMT
Organization: Symantec Corp.
Lines: 22
Message-ID: <5amee7$7qv@Symiserver2.symantec.com>
References: <32CCF094.41C67EA6@corpex.com> <5ak1kq$ge6@uriah.heep.sax.de>
Reply-To: tedm@agora.rdrop.com
NNTP-Posting-Host: shiva2.central.com
X-Newsreader: IBM NewsReader/2 v1.2.5
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:33617

In <5ak1kq$ge6@uriah.heep.sax.de>, j@uriah.heep.sax.de (J Wunsch) writes:
>Neil Fowler Wright <neil@corpex.com> wrote:
>
>> 	If we have several machines on our network (Ie sames class C
>> block from the same hub and router), all with the clients having
>> root priviledge.  How do we stop a client from allocating the ip
>> number of another clients machine, or for that matter any other IP
>> number in that Class C block.
>
>By hiring an administrator.
>

This doesen't work, they still will do it!

One thing you can do to screw the fuckers is to re-program your routers
to ignore ARP's, put in a static ARP table, then go to your hub (assuming it
is intelligent enough) and lock out foreign MAC addresses.  That way, when they
do it they won't get any packets back.  Of course, this is much more labor
intensive since you have to do everything manually, and a real pain in the ass,
but if you need to keep some smart guys out there from screwing your network
over behind your back it is possible.