ugoday@cs.buffalo.edu (Abdi M. Oday) (11/03/89)
To best explain my question/problem, here is a scenario: I have a LAN with 2 machines 1. a Sun 4/280 file server/yp-server/everything-server 2. a Sun 4/110 client (not diskless) This contains its own SunOS and only needs "shared" databases from the server. the Server and client are trusted machines with respect to one another. Now, john Doe from across the hall sets up his own Sun workstation and decided to use the same IP address (and hostname) as my client workstation. Now, both machines (My client and the intruding machine) are both up and running. Their consoles are being flooded with "Duplicate IP address at XX:xx:XX... " But, on both client machines, I can logon to the server as "userX", and the server will allow it because the user is coming from the trusted machine "client". I noted that when I check the arp entry for my client on the server machine's arp table, the entry for the client will be that of the last client to request something from the server. I made the arp entry for my client "permanent" on both the client and the server, but these "permanent" arp entries get over-written if a client with the same address as that of the entry, but a different ethernet address makes a request. My question is: If I have an arp entry IP_address Ether_address Can I make sure that no requests are accepted from machines with the same IP_address but different Ether_address than what my table indicates?? thanks -Abdi ugoday@cs.buffalo.edu (716) 632-7500 Ext. 5307 p.s. the default setting for ifconfig is that arp is used, and I have done nothing to offset this.
wargaski@accuvax.nwu.edu (Robert E. Wargaski Jr.) (11/16/89)
In article <2836@brazos.Rice.edu> ugoday@cs.buffalo.edu (Abdi M. Oday) writes: >X-Sun-Spots-Digest: Volume 8, Issue 188, message 6 of 13 > >Now, john Doe from across the hall sets up his own Sun workstation and >decided to use the same IP address (and hostname) as my client >workstation. > > [stuff about kludge ommitted] > Why on earth exert so much effort to make the server accept both machines, with the same IP address, when one could more easily make a quick entry to /etc/hosts? It would save you loads of problems and headaches, and would be up and running much sooner. Are you out of numbers? If so, just apply for another one! Robert E. Wargaski Jr. | This is stupid. -- Vila wargaski@acns.nwu.edu | When did that ever stop us. -- Avon NU Distributed Systems Support | . . . #include <disclaimer.h> . . .