ietf

Re: ARPOP_REQUEST with spoofed IP address (joe, turn it off!)

2002-07-19 20:42:45
On Sat, 20 Jul 2002 10:41:02 +0900, Jun-ichiro itojun Hagino 
<itojun(_at_)iijlab(_dot_)net>  said:
      I looked through RFC826 and it seems that the operation performed by
      Lars was a Bad Thing.  RFC826 input processing explicitly suggests that
      we update the ARP cache entry without checking the ARP operation type.

      Therefore, it is unsafe to transmit an ARP_REQUEST with a spoofed IP
      source address - it will overwrite the ARP entries of neighbors.

This is, of course, a major security hole...

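The RFC 826 input processing discussed in this message, as an added example that is not part of the original post: it simulates the reception steps on an in-memory table to show that the merge happens before the opcode is read, and records each overwritten mapping the way a monitor would log it. The names `Arp`, `receive` and `demo` are hypothetical and all addresses are constructed sample values.

```python
# Added example: RFC 826 packet reception on an in-memory table (constructed addresses).
from dataclasses import dataclass

REQUEST, REPLY = 1, 2          # ares_op$REQUEST / ares_op$REPLY
ETHERNET, IPV4 = 1, 0x0800     # ar$hrd / ar$pro values this host speaks

@dataclass
class Arp:
    op: int
    sha: str   # sender hardware address
    spa: str   # sender protocol address
    tha: str   # target hardware address
    tpa: str   # target protocol address
    hrd: int = ETHERNET
    pro: int = IPV4

def receive(table, my_ip, my_mac, pkt):
    """Apply RFC 826 input processing; return (reply_or_None, overwrites).

    `table` maps (protocol type, protocol address) -> hardware address.
    `overwrites` lists (ip, old_mac, new_mac) for entries whose hardware
    address changed, which is what a monitor would want to log.
    """
    overwrites = []
    if pkt.hrd != ETHERNET or pkt.pro != IPV4:
        return None, overwrites
    key = (pkt.pro, pkt.spa)
    merge_flag = False
    if key in table:                       # merge happens BEFORE the opcode is read
        if table[key] != pkt.sha:
            overwrites.append((pkt.spa, table[key], pkt.sha))
        table[key] = pkt.sha
        merge_flag = True
    if pkt.tpa != my_ip:
        return None, overwrites
    if not merge_flag:
        table[key] = pkt.sha
    if pkt.op == REQUEST:                  # "NOW look at the opcode"
        return Arp(REPLY, my_mac, my_ip, pkt.sha, pkt.spa), overwrites
    return None, overwrites

def demo():
    """A neighbor that already caches 192.0.2.1 hears a broadcast request."""
    table = {(IPV4, "192.0.2.1"): "02:00:00:00:00:01"}
    # Request aimed at another host; sender IP is 192.0.2.1 but the MAC differs.
    pkt = Arp(REQUEST, "02:00:00:00:00:99", "192.0.2.1", "00:00:00:00:00:00", "192.0.2.50")
    reply, overwrites = receive(table, "192.0.2.7", "02:00:00:00:00:07", pkt)
    return table, reply, overwrites
```

In `demo()` the receiving host is not the target of the request and sends no reply, yet its cached entry for 192.0.2.1 is replaced; the `overwrites` list is the signal a cache-change monitor would alert on.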