Re: [lwip-users] arp question

lwip-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lwip-users] arp question

From:	Kieran Mansley
Subject:	Re: [lwip-users] arp question
Date:	Mon, 14 Feb 2005 13:30:35 +0000

On Thu, 2005-02-10 at 15:58 -0800, Jim Gibbons wrote:

> Who's right here?  Is it legitimate to glean ethernet source addresses
> from incoming IP packets, or should one rely exclusively on the
> information presented in ARP replies?  

In a trusted environment, it's probably OK, but priority should be given
to ARP entries that have been "actively" (as opposed to this passive
method) set up.

There is, in an untrusted environment, an obvious DoS attack where you
can persuade a host that gleans ARP data in this way to send packets to
the wrong host, or just cause it to thrash its ARP cache leading to poor
performance.

Kieran

[Prev in Thread]

Current Thread

[Next in Thread]

[lwip-users] arp question, Jim Gibbons, 2005/02/10
- Re: [lwip-users] arp question, Kieran Mansley <=
- Re: [lwip-users] arp question, christiaan . simons, 2005/02/11
  - Re: [lwip-users] arp question, Leon Woestenberg, 2005/02/12
  - Re: [lwip-users] arp question, Timmy Brolin, 2005/02/12
    - [lwip-users] PPP using raw api, Karl Kobel, 2005/02/13

Prev by Date: [lwip-users] PPP using raw api
Next by Date: [lwip-users] Re: pack macros.
Previous by thread: [lwip-users] arp question
Next by thread: Re: [lwip-users] arp question
Index(es):
- Date
- Thread