Zero configuration network

Filip Huška filip.huska at coolhousing.net
Tue Nov 3 21:48:33 CET 2009

Previous message: Zero configuration network
Next message: Zero configuration network
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Nov 3, 2009, at 7:47 PM, Dan Lukes wrote:

>
>> (jak resit ARP inspection?)
>
> Typicky ? Neresit ;-)
>
> Problemy, ktery ARP inspection resi ma jina reseni, ktera navic  
> pokryvaji i jine metody utoku.
JJ, treba DDOS prosvisteny sitovou architekturou, zrcadleni trafficku  
pri nedostupnosti ci duplicity
IP versus mac adresa na access portu, ci klonovani mac adres  
virtualizaci HW ...  nedejboze QOS policy.
Mno nevim. Prvni, kam se koukam  - mac adresy. A v 99% se nepotrebuju  
koukat jinam.
V tomto se nase nazory budou silne lisit. Je fakt, ze sice mam k  
dispozici vetsi vzorek, nez je lokalni
sit, avsak nedavno jsem diky arp cachi na routeru a mac cachi na  
portech vyresil 100Mbit/s bludneho
trafficku. Ale pokud si nekreslite grafy z L2 switche, tak to  
nepoznate, coz je nejhorsi. Klienti dokazi udelat
luxusni bordel, aniz by to vedeli.
f.

Previous message: Zero configuration network
Next message: Zero configuration network
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list