Hi!

> Some network cards won't allow this, and afaik no winblows product will.
>
> A switch with static arp tables is a more drastic solution if you really
> need this kind of spoofed IP protection. That way each machine
> has its own port on the switch, which only allows the MAC address
> for that machine and that machine only on that port.
> You would probably be well advised to set up static ARP tables on the
> firewall as well (just be aware that if you change a network card you
> have to update this :)
> As others have suggested, arpwatch is also a good idea.

Yes, I was thinking about solving this problem with the use of the switch. I don't know SNMP yet. But isn't it possible to monitor on the switch when the MAC-switchport association changes with SNMP? If this were possible then the problem would be solved without being drastic. I mean that the arp table of the switch does not need to be static...

Thanks,
Tamas
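
The polling idea asked about above, as an added example that is not part of the original message: it compares two polls of a switch's forwarding table and reports MAC addresses that changed port or appeared for the first time. It assumes the switch exposes the standard BRIDGE-MIB table dot1dTpFdbPort and that each poll was saved from net-snmp's `snmpwalk -On`; the function names are hypothetical and the sample polls are constructed.

```python
import re

# BRIDGE-MIB dot1dTpFdbPort: the index is the learned MAC as six decimal
# octets, the value is the bridge port number it was learned on.
FDB_PORT_OID = ".1.3.6.1.2.1.17.4.3.1.2"
LINE_RE = re.compile(
    r"^" + re.escape(FDB_PORT_OID) + r"\.((?:\d+\.){5}\d+) = INTEGER: (\d+)$"
)

def parse_fdb(walk_text):
    """Parse `snmpwalk -On` output of dot1dTpFdbPort into {mac: port}."""
    table = {}
    for line in walk_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip other OIDs, blank lines, error text
        octets = [int(o) for o in m.group(1).split(".")]
        if any(o > 255 for o in octets):
            continue  # not a valid MAC index
        mac = ":".join(f"{o:02x}" for o in octets)
        table[mac] = int(m.group(2))
    return table

def diff_fdb(previous, current):
    """Return events for MACs that moved port or are newly learned."""
    events = []
    for mac, port in sorted(current.items()):
        old = previous.get(mac)
        if old is None:
            events.append(("new", mac, None, port))
        elif old != port:
            events.append(("moved", mac, old, port))
    return events

# Constructed sample polls (not captured from a real switch).
POLL_1 = """\
.1.3.6.1.2.1.17.4.3.1.2.0.16.90.1.2.3 = INTEGER: 3
.1.3.6.1.2.1.17.4.3.1.2.0.160.201.17.34.51 = INTEGER: 7
"""
POLL_2 = """\
.1.3.6.1.2.1.17.4.3.1.2.0.16.90.1.2.3 = INTEGER: 9
.1.3.6.1.2.1.17.4.3.1.2.0.160.201.17.34.51 = INTEGER: 7
.1.3.6.1.2.1.17.4.3.1.2.2.0.0.170.187.204 = INTEGER: 9
"""

if __name__ == "__main__":
    for kind, mac, old, new in diff_fdb(parse_fdb(POLL_1), parse_fdb(POLL_2)):
        print(kind, mac, old, "->", new)
```

The port values are bridge port numbers, which map to interface indexes through dot1dBasePortIfIndex. Entries age out of the forwarding table, so a "new" event can also be a known machine that was idle between polls.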

