According to Paul Robertson: > >That doesn't stop an internal user on the same subnet from "stealing" a >valid IP address. >
Depending on how much work you want to do you can manually fill the arp cache with IP/Mac address pairs. That way they will have to steal the network card or reprogram the MAC on the network card... -- =============================================================================== Brett Lymn, Computer Systems Administrator, BAE SYSTEMS =============================================================================== _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
