ugoday@cs.buffalo.edu (Abdi M. Oday) (11/03/89)
To best explain my question/problem, here is a scenario:
I have a LAN with 2 machines
1. a Sun 4/280 file server/yp-server/everything-server
2. a Sun 4/110 client (not diskless)
This contains its own SunOS and only
needs "shared" databases from the server.
the Server and client are trusted machines with respect to one another.
Now, john Doe from across the hall sets up his own Sun workstation and
decided to use the same IP address (and hostname) as my client
workstation.
Now, both machines (My client and the intruding machine) are both up and
running. Their consoles are being flooded with
"Duplicate IP address at XX:xx:XX... "
But, on both client machines, I can logon to the server as "userX", and
the server will allow it because the user is coming from the trusted
machine "client".
I noted that when I check the arp entry for my client on the server
machine's arp table, the entry for the client will be that of the last
client to request something from the server.
I made the arp entry for my client "permanent" on both the client and the
server, but these "permanent" arp entries get over-written if a client
with the same address as that of the entry, but a different ethernet
address makes a request.
My question is: If I have an arp entry
IP_address Ether_address
Can I make sure that no requests are accepted from machines with the same
IP_address but different Ether_address than what my table indicates??
thanks
-Abdi
ugoday@cs.buffalo.edu
(716) 632-7500 Ext. 5307
p.s. the default setting for ifconfig is that arp is used, and I have
done nothing to offset this.wargaski@accuvax.nwu.edu (Robert E. Wargaski Jr.) (11/16/89)
In article <2836@brazos.Rice.edu> ugoday@cs.buffalo.edu (Abdi M. Oday) writes: >X-Sun-Spots-Digest: Volume 8, Issue 188, message 6 of 13 > >Now, john Doe from across the hall sets up his own Sun workstation and >decided to use the same IP address (and hostname) as my client >workstation. > > [stuff about kludge ommitted] > Why on earth exert so much effort to make the server accept both machines, with the same IP address, when one could more easily make a quick entry to /etc/hosts? It would save you loads of problems and headaches, and would be up and running much sooner. Are you out of numbers? If so, just apply for another one! Robert E. Wargaski Jr. | This is stupid. -- Vila wargaski@acns.nwu.edu | When did that ever stop us. -- Avon NU Distributed Systems Support | . . . #include <disclaimer.h> . . .