[nsp-sec] How to hijack traffic for an entire Content/Ad Company - ARP Poisoning revisited - 8800.org / 6600.org badness
Danny McPherson
danny at tcb.net
Thu Apr 10 14:39:33 EDT 2008
On Mar 27, 2008, at 10:29 AM, Sean Donelan wrote:
> ----------- nsp-security Confidential --------
>
> On Thu, 27 Mar 2008, Chris Morrow wrote:
>> so.. port-security is a solved problem for datacenters no?? Also, Barry
>> should chime in here with some more/other direct experience... Barry??
>
> Nope, not really a solved problem. Now think about the fun you can have
> with metro-wide, country-wide carrier ethernet systems being deployed. The
> amount of changes necessary to the "defaults" is insane. Not just bad
> stuff, but also the junk traffic.
>
> Friends don't let friends do ARP.

Note that this is what some of the SAVI work in the IETF was
aiming to solve. It's still progressing, albeit slowly. Basically,
mechanisms for {port,mac,IP} dynamic binding.

If you've got interest or ideas here's a pointer to the mailing list:

http://mail.nrc.tsinghua.edu.cn/cgi-bin/mailman/listinfo/sava

-danny