[LARTC] ARP daemon

[LARTC] ARP daemon

[Damjan]

I'm looking for a program that will replace the automatic ARP table
population by the Linux kernel. The daemon should fix the MAC <-> IP
entry from the IP of the first packet with that MAC received.

Is there anything like this?


-- 
damjan | дамјан
This is my jabber ID --> damjan@bagra.net.mk <-- not my mail address!!!
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] ARP daemon

[Ronny Aasen]

On Mon, 2004-08-09 at 12:01, Damjan wrote:
> I'm looking for a program that will replace the automatic ARP table
> population by the Linux kernel. The daemon should fix the MAC <-> IP
> entry from the IP of the first packet with that MAC received.
> 
> Is there anything like this?

you wont recive the packet unless the arp table is populated, since the
sender woudn't know to what mac to send the packet.

maybe you look for
/etc/ethers
or man ethers

good luck
-- 
Ronny Aasen <list@datapart-as.no>

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] ARP daemon

[Damjan]

> > I'm looking for a program that will replace the automatic ARP table
> > population by the Linux kernel. The daemon should fix the MAC <-> IP
> > entry from the IP of the first packet with that MAC received.
> > 
> > Is there anything like this?
> 
> you wont recive the packet unless the arp table is populated, since the
> sender woudn't know to what mac to send the packet.

What I want to accomplish is deny the possibility of users changing
their IP address, once its set.
 

-- 
damjan | дамјан
This is my jabber ID --> damjan@bagra.net.mk <-- not my mail address!!!
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] ARP daemon

[Jose Luis Domingo Lopez]

On Monday, 09 August 2004, at 14:51:55 +0200,
Damjan wrote:

> What I want to accomplish is deny the possibility of users changing
> their IP address, once its set.
>  
Then make it impossible for users to become "root" or equivalent in
their boxes, to prevent them from changing their interfaces MAC
addresses. This way users won't be able to do so, and even in the event
they try to boot with some sort of "live Linux CD" and change the MAC,
this change won't persist after reboot.

If you prefer/need to control this changes from your Linux box, then you
can play with iptables and its "mac" match (to bind together IP/MAC
pairs) or install "arpwatch". The latter won't prevent users from
(maybe) succeeding in their attemps to gain access to places where they
shouldn't be allowed to go, but you will be inmediately notified if
someone is not playing nice in your network.

Hope it helps.

-- 
Jose Luis Domingo Lopez
Linux Registered User #189436     Debian Linux Sid (Linux 2.6.8-rc2-mm2)
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

Re: [LARTC] ARP daemon

[Peter Surda]

On Mon, Aug 09, 2004 at 02:51:55PM +0200, Damjan wrote:
> What I want to accomplish is deny the possibility of users changing
> their IP address, once its set.
You can use SNMP-able switches to either monitor or even enforce this.

> damjan | дамјан
Bye,

Peter Surda (Shurdeek) <shurdeek@routehat.org>, ICQ 10236103, +436505122023

-- 
                Where do you think you're going today?
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/