Results 1 to 2 of 2
Hi guys. I am trying to secure my LAN a little by doing static arp entries. But I am not sure how to go about doing this... I have a ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 08-27-2010 #1
- Join Date
- Jul 2009
Securing network with static arp
1. But how do I prevent someone from picking an ip that nobody is using and assigning it manually?
2. I assigned a static arp entry by doing arp -i br0 -s 220.127.116.11 00:1F:E1:CC:2E:46, how do I remove it now? I used arp -d but now it just says:
? (18.104.22.168) at <incomplete> on br0
3. I would also like each machine to have a hostname/dns.. like machinex.local, where I can do forward and reverse dns lookups, how do I config this?
4. I know static arp can be fooled if someone just clones an allow mac.. is there anything else that I could use that is more secure for wired lan?
5. I have my gateway running rflow sending all data to ntop running on my dhcp box.. Ntop is kinda cryptic, is there anything easier to use? or something that is better in features? I would like to see how much bandwidth each local ip is using and possibly what protocols, like ntop already shows.
- 08-27-2010 #2
IEEE 802.1X - Wikipedia, the free encyclopedia
EAP/PEAP protocols may do the job. Basically they let users authenticate with their realm on a radius server, which in turn gives them - and only them - the credentials to communicate with the network.