ARP-spoofing defense

Topher Fischer javert42 at
Wed Mar 14 14:12:55 MDT 2007

Michael L Torrie wrote:
> On Wed, 2007-03-14 at 10:07 -0700, Nicholas Leippe wrote:
>> This is an optimization.  Your host does this with the idea that if you do 
>> decide to talk to one of these machines from which it has already seen ARP 
>> traffic, it can skip that step.
>> As for man-in-the-middle, playing with ARP can cause disruption of services, 
>> and could intercept insecure protocols.  Which is why for critical data, SSL 
>> or another secure mechanism should be used.
> Additionally this is why SSL uses certificates that should be verified
> to prove that the host is who it says it is. Also ssh key fingerprints
> should always be verified.  How often do we ssh into a box and just
> automatically type "yes" to the fingerprint authorization?
> Michael
Well, this makes me wonder.  Is there a standard way to configure ssh to
use certificates, and for clients to maintain a list of trusted CAs and
trusted certificates?

Topher Fischer
GnuPG Fingerprint: 3597 1B8D C7A5 C5AF 2E19  EFF5 2FC3 BE99 D123 6674
javert42 at
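
The fingerprint check Michael describes, as an added example that is not part of the original thread: it derives the fingerprint of an offered host key and accepts the key only if it equals one obtained out of band. The key lines, the `server.example` comment and all function names are constructed for illustration; the `SHA256:` fingerprint form is the one current OpenSSH displays.

```python
import base64
import hashlib
import hmac
import struct

def parse_pubkey_line(line):
    """Decode an OpenSSH public-key line ('type base64 [comment]') to its raw blob."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected 'type base64 [comment]'")
    key_type, blob = parts[0], base64.b64decode(parts[1], validate=True)
    # The blob begins with its own length-prefixed type name; it must agree
    # with the text field, otherwise the line is malformed or tampered with.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match key blob")
    return blob

def fingerprint_sha256(blob):
    """Fingerprint in the 'SHA256:<unpadded base64>' form OpenSSH displays."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_key_matches(line, trusted_fp):
    """True only if the offered key hashes to the fingerprint obtained out of band."""
    offered = fingerprint_sha256(parse_pubkey_line(line))
    return hmac.compare_digest(offered.encode(), trusted_fp.encode())

def make_ed25519_line(raw_key, comment):
    """Build a constructed ssh-ed25519 public-key line from 32 raw bytes."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw_key)) + raw_key
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment

# Constructed sample keys (not real hosts): the genuine server and an interceptor.
GENUINE_LINE = make_ed25519_line(bytes(range(32)), "server.example")
SPOOFED_LINE = make_ed25519_line(bytes(range(1, 33)), "server.example")
# Stands in for the fingerprint the administrator gave you over a trusted channel.
TRUSTED_FP = fingerprint_sha256(parse_pubkey_line(GENUINE_LINE))

if __name__ == "__main__":
    for label, line in (("genuine", GENUINE_LINE), ("spoofed", SPOOFED_LINE)):
        print(label, "accept" if host_key_matches(line, TRUSTED_FP) else "REJECT")
```

A key substituted by a host in the middle hashes to a different fingerprint, so the comparison fails no matter what name or address the connection appeared to reach.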


More information about the PLUG mailing list