On Tue, 31 May 2005 13:36:25 +0200 (CEST) "Sylvain BERTRAND" <sylvain@xxxxxxxxxxxxxxxxxxxxxx> wrote: >Hi all, hi >I highly suggest you use arpwatch. It's a daemon that monitors MAC/IP on a >network, and can notify the administrator when something changes. arpwatch can only find out if the user changes his/her IP. If they change their MAC (and fake someone elses), you're out of luck :-(. >If you want to force the MAC for an IP, use "arp -f /etc/ethers" (man arp). >Iptables does the same thing with MAC matching, but using arp with a fixed >table is "the proper thing to do" (tm). [advertisement+joke] Actually, "the proper thing to do" is to use ipset + macipmap, just like Route Hat does ;-) [/advertisement+joke] >Sylvain Yours sincerely, Peter _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
