Firewall Wizards mailing list archives
Re: Windows dynamic ARP
From: John Mason Jr <john.mason.jr () cox net>
Date: Wed, 26 Nov 2008 11:33:24 -0500
Paul D. Robertson wrote:
> On Wed, 26 Nov 2008, Darden, Patrick S. wrote:
>
>> Some possibilities you might have already thought of for doing this in a roundabout fashion:
>>
>> 1. If you are using advanced switches, you can implement this on them. Allow only certain MACs to connect to your network.
>>
>> 2. If your switches
>
> I can MAC-lock switch ports, however what I'm looking for is a host-level backup to MAC locking the network layer, so that if there's a network compromise, or a hub is introduced into the physical topology the game is not immediately lost.
>
>> don't have the ability to do #1, perhaps your switches, core switches, or core router can filter out ARP requests/replies.
>>
>> 3. You can turn off
>
> ARP won't cross a router- I'm specifically trying to shore up the host OS so that the host/network separation still happens, but there's a layer of protection if the network layer or administrator is compromised.
>
>> ARP response in windows (not quite what you wanted, I think)
>> http://www.windowsreference.com/networking/enabledisable-response-to-arp-request-without-unicase-source-ethernet-address/
>
> Hmm, that looks mostly like it's a unicast/multi-and-broadcast switch- maybe there's someone who's done enough firewall code who can point me to a good shim location? The built-in firewall seems to be IP layer only.
>
> I'm going to have a good play with /32ing the subnet mask and adding a routing table entry for each host, but I really think that's going to end up being sub-optimal- as is adding a null static entry for every IP address I don't want to communicate with in the subnet (I'm betting the ARP table is a linear search in most network stacks.)
>
> Paul

How about this:

<http://www.windowsreference.com/windows-vista/set-gratuitous-arp-requests-in-windows-server-2008-and-windows-vista/>

John
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
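
An added example, not part of the thread or any poster's code: a host-side audit in the spirit of the host-level backup to MAC locking discussed above, which parses Windows `arp -a` output and flags neighbors that are outside an allowlist, resolve to the wrong MAC, or are not pinned as static. The sample output, the allowlist, and all addresses are constructed, and the parser assumes the English-locale `arp -a` layout.

```python
import re

# Constructed sample of Windows `arp -a` output (not taken from the thread).
SAMPLE_ARP_OUTPUT = """\

Interface: 192.168.10.20 --- 0xb
  Internet Address      Physical Address      Type
  192.168.10.1          00-1a-2b-3c-4d-5e     static
  192.168.10.30         00-1a-2b-aa-bb-cc     dynamic
  192.168.10.40         00-1a-2b-de-ad-01     dynamic
  192.168.10.255        ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

# Hypothetical allowlist: the only peers this host should talk to, with their MACs.
EXPECTED = {
    "192.168.10.1": "00-1a-2b-3c-4d-5e",
    "192.168.10.30": "00-1a-2b-11-22-33",
}

ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(static|dynamic)\s*$",
    re.IGNORECASE,
)

def parse_arp(text):
    """Return (ip, mac, type) tuples for every neighbor row in `arp -a` output."""
    rows = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            ip, mac, kind = m.groups()
            rows.append((ip, mac.lower(), kind.lower()))
    return rows

def is_group_mac(mac):
    """Broadcast and multicast MACs have the low bit of the first octet set."""
    return int(mac[:2], 16) & 1 == 1

def audit(text, expected):
    """Compare the ARP cache against the allowlist; return (ip, mac, reason) findings."""
    findings = []
    for ip, mac, kind in parse_arp(text):
        if is_group_mac(mac):
            continue  # system-created broadcast/multicast mappings, not real peers
        want = expected.get(ip)
        if want is None:
            findings.append((ip, mac, "unexpected-peer"))
        elif want.lower() != mac:
            findings.append((ip, mac, "mac-mismatch"))
        elif kind != "static":
            findings.append((ip, mac, "not-pinned"))
    return findings
```

On a live host the text passed to `audit` would be the captured output of `arp -a`; a non-empty result is what to alert on.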