ARP poisonong. LIVE_MAC
Lowell Gilbert
freebsd-questions-local at be-well.ilk.org
Sat Jan 24 07:20:21 PST 2004
Alexey Kuzmenko <ask at un.kiev.ua> writes:
> There is a kernel module under Linux which is called LIVE-MAC. This
> module provide a sort of arp spoofing attack. It broadcasts arp
> replies for restricted host causing these hosts (basically windows) not
> to work in the LAN.
What an incredibly ugly idea.
> I'm wandering if there is something like above but for FreeBSD. I need
> to disallow any host network activity from the server (FreeBSD 4.8)
Surely there's a better way to implement what you're actually trying
to do; like firewalling the server you don't want accessed.
Even if you were going to try to do this by attacking ARP, I wouldn't
mess with the real IP stack to do it. Couldn't you could get the same
effect by using RARP or proxy ARP?
--
Lowell Gilbert, embedded/networking software engineer, Boston area:
resume/CV at http://be-well.ilk.org:8088/~lowell/resume/
username/password "public"
More information about the freebsd-questions
mailing list