
RE: Using ARP to map a network

From: Dario N. Ciccarone <dciccaro(at)cisco.com>
Date: Tue Feb 04 2003 - 22:38:36 EST


yeah - it is flawed :)

MAC to IP mappings as in the ARP table only happen when both source and destination IP hosts are on the same L2, and by definition, L3 network. so a host ARP table on NET X should only show entries for those machines on its same subnet the host had conversations with.

of course, knowing host X IP address and subnet mask, you could start ARPing for all the other available IPs on the range and know what IP addresses are in use, and what not (little issue with machines powered off when you're doing your ARPinging ;))

for all non-local destinations, the only entry the host should have is for the MAC/IP pair of its default gateway.

one small digression: a host _could_ have MAC/IP pairs in its ARP table for machines not on the same subnet, _if_ the router on the local segment is a Cisco router with "ip proxy-arp" enabled - and even then, it would only have mapped IPs on the non-local network to the router MAC address (as you suggested), but only for router-connected subnets of the same major network the ARPing host is connected to. check

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfipadr.htm#1001233

and RFC-1027 to fully understand what problems proxy-arp solves. and btw: Cisco's recommendation (from a security point of view) is to disable proxy ARP if not needed - just to thwart practices as you want to implement :))

> -----Original Message-----
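
An added example, not part of the original message: a defender-side audit of a host's own ARP cache for the situation described above, where off-subnet IPs resolve to the router's MAC because proxy ARP is enabled. It assumes Linux `arp -an` output; the sample cache, the addresses and the function names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in Linux `arp -an` format; addresses and MACs are made up.
SAMPLE_ARP = """\
? (10.1.1.1) at 00:00:5e:00:53:01 [ether] on eth0
? (10.1.1.10) at 00:00:5e:00:53:0a [ether] on eth0
? (10.1.1.11) at <incomplete> on eth0
? (10.1.2.7) at 00:00:5e:00:53:01 [ether] on eth0
? (10.1.3.9) at 00:00:5e:00:53:01 [ether] on eth0
"""

ENTRY = re.compile(r"\((?P<ip>[\d.]+)\) at (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b", re.I)


def parse_arp(text):
    """Yield (ip, mac) for resolved entries; <incomplete> lines are skipped."""
    for line in text.splitlines():
        m = ENTRY.search(line)
        if m:
            yield ipaddress.ip_address(m["ip"]), m["mac"].lower()


def audit_arp(text, segment):
    """Flag cache entries that should not exist on a host confined to `segment`.

    off_segment: IPs outside the local subnet that still resolved to a MAC.
    proxy_suspects: MACs answering for both on- and off-segment IPs, the
    pattern a proxy-ARP router produces (a spoofed ARP reply can look the
    same, so a hit needs follow-up on the router configuration).
    """
    net = ipaddress.ip_network(segment)
    by_mac = defaultdict(list)
    for ip, mac in parse_arp(text):
        by_mac[mac].append(ip)
    off = sorted(ip for ips in by_mac.values() for ip in ips if ip not in net)
    suspects = {
        mac: [str(ip) for ip in sorted(ips)]
        for mac, ips in by_mac.items()
        if any(ip in net for ip in ips) and any(ip not in net for ip in ips)
    }
    return {"off_segment": [str(ip) for ip in off], "proxy_suspects": suspects}


if __name__ == "__main__":
    print(audit_arp(SAMPLE_ARP, "10.1.1.0/24"))
```

With proxy ARP disabled on the router, as the message recommends, the off-segment entries disappear and both result lists come back empty.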



Received on Wed Feb 5 13:31:40 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:32 EDT

