On Sat, Jun 29, 2002 at 03:17:24PM -0300, Joao Carlos wrote: > > several viruses do change the MAC address. The only real > > security is to have one user per port and filter the ports. > > Next step (but not as safe) is to wire down the arp table and only accept > > things that are in there (will be easy to implement in the > > new ipfw) > > I think it would be easier to deny all mac address in the ipfw rules except > by those that you know, right?
which must be recorded somewhere, and static entries in the arp table are a nice place to look at. cheers luigi To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message