[ previous ] [ next ] [ threads ]
 
 From:  "Mohammed" <m dot ismael at gmail dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Static arp table.
 Date:  Tue, 9 Sep 2008 03:03:27 +0300 
*       The proper way to protect against ARP poisoning is with controls on
your switches preventing it from occurring. 

*       Static ARP is impractical and ineffective in this circumstance (and
most others for that matter).

 

 

Chris, I respect and agree with what you said but,

What I don't understand is. where m0n0wall keep the files I upload?

 

 

*       If someone wants to ARP poison that network, this won't stop anyone
from poisoning the client PCs, 

*       and you aren't going to be able to maintain static ARP on every PC.
Hence you can't truly deploy static ARP

 

I am using software to provide static arp entry on the client PCs 

Not all of them but most. Now I need to protect the m0n0wall it self

From being spoofed.

And so there are worms and viruses that use arp.

Yes It is really a major headache to maintain.

 

I did not try building my own image, as m0n0wall almost fit.

But I wish to have this feature in next m0n0wall beta image.

  

Thanks allot 

Mohammed Ismail.