jerry@oliveb.olivetti.com (Jerry Aguirre) (07/06/88)
We were concerned about one host spoofing another and I thought that presetting the ethernet address in the ARP table would provide some protection. Granted that someone can spoof the actual ethernet address but that requires more effort.

What I found was that it didn't work. I used "arp -s" to set the ethernet address and it went into the table. The man page says you have to specify "temp" or it will be permanent. In actuality you have to use the undocumented "perm" keyword to make it permanent. But even when I marked it permanent the ethernet address would change to the value of the system attempting to connect.

To test this I set the ethernet address to a value one off from the real system value:

    arp -s jerry-oatc 2:60:8c:41:97:19 perm

I then attempted to rlogin from jerry-oatc to the system where the permanent arp entry was set. It succeeded and a subsequent arp showed that the ethernet address, still flagged as permanent, had changed to the correct value.

So, does "perm" mean always keep SOME value around or does it mean keep the specified value around? After we decide maybe we can update the man page to reflect the "perm" keyword and describe what it really does.

Jerry Aguirre
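The manual check described in this post (pin an address with "arp -s", then re-read the table to see whether it still holds the pinned value) can be automated. The following is an added example, not part of the original post: the BSD-style "arp -a" line format, the IP addresses, the gateway and printer hosts and the observed address for jerry-oatc are constructed sample data, and the function names are hypothetical.

```python
import re

# Assumed BSD-style `arp -a` line: "name (ip) at mac [flags...]".
ARP_LINE = re.compile(
    r"^(?P<name>\S+) \((?P<ip>[0-9.]+)\) at (?P<mac>[0-9A-Fa-f:]+)(?P<rest>.*)$"
)

def normalize_mac(mac):
    """Canonical form: six zero-padded lowercase octets ("2:60" -> "02:60")."""
    parts = mac.split(":")
    if len(parts) != 6:
        raise ValueError(f"not an Ethernet address: {mac!r}")
    octets = [int(p, 16) for p in parts]
    if any(o > 0xFF for o in octets):
        raise ValueError(f"octet out of range: {mac!r}")
    return ":".join(f"{o:02x}" for o in octets)

def parse_arp_table(text):
    """Return {name: (mac, is_permanent)} for every resolved entry."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.match(line.strip())
        if not m:
            continue  # skips "(incomplete)" entries and header lines
        flags = m.group("rest").lower().split()
        permanent = "permanent" in flags or "perm" in flags
        table[m.group("name")] = (normalize_mac(m.group("mac")), permanent)
    return table

def find_drift(pinned, arp_output):
    """List (host, pinned_mac, seen_mac, still_permanent) per mismatch."""
    table = parse_arp_table(arp_output)
    drift = []
    for host, want in pinned.items():
        want = normalize_mac(want)
        seen, permanent = table.get(host, (None, False))
        if seen != want:
            drift.append((host, want, seen, permanent))
    return drift

# Pinned value for jerry-oatc is the one from the post; the rest is constructed.
PINNED = {"jerry-oatc": "2:60:8c:41:97:19", "gateway": "0:0:c:1:2:3"}
SAMPLE = """\
jerry-oatc (192.0.2.10) at 2:60:8c:41:97:18 permanent
gateway (192.0.2.1) at 00:00:0C:01:02:03 permanent
printer (192.0.2.20) at (incomplete)
"""

if __name__ == "__main__":
    for host, want, seen, perm in find_drift(PINNED, SAMPLE):
        print(f"{host}: pinned {want}, table has {seen}, permanent={perm}")
```

An entry reported with still_permanent set to True is the case the post describes: the flag survived but the address did not.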