[c-nsp] security

Gert Doering gert at greenie.muc.de
Tue Dec 2 10:36:37 EST 2008


On Tue, Dec 02, 2008 at 03:29:58PM +0000, Paul Cosgrove wrote:
> Arp uses a destination IP of, which  is the 'limited 
> broadcasts address'.  Packets with this destination are never routed 
> between subnets.

Actually, ARP does *not* use any IP broadcast address at all, neither 
"limited" or "subnet broadcast".

$ tcpdump -v -n -s0 -e 'arp'
16:35:21.981368 0:22:55:93:88:80 ff:ff:ff:ff:ff:ff 0806 60: arp who-has tell

... no IP address in here, except source and destination hosts.

Ethernet broadcast, yes.

USENET is *not* the non-clickable part of WWW!
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20081202/377e9b40/attachment.bin>

More information about the cisco-nsp mailing list