[c-nsp] Nmap(way ot)
David J. Hughes
bambi at Hughes.com.au
Thu May 5 17:19:01 EDT 2005
On 06/05/2005, at 12:56 AM, Gert Doering wrote:
> While this is useful at times, over the last years I've come to the
> conclusion that this is a VERY STUPID idea to have "enabled by
> default".
>
> Why? Because it means that people can get away with doing very stupid
> things (like "ip route 0.0.0.0 0.0.0.0 eth0") that would normally just
> *not* work (and then you need to find the problem and fix it
> immediately).
Couldn't agree with you more. Having proxy arp enabled by default is
clutching onto history with a little too much gusto. Allowing proxy
arp to recognise a static default as a "local entry" is a very
dangerous thing.
David - who unlike Gert, didn't make it to Stockholm for RIPE :-(
...
More information about the cisco-nsp
mailing list