1.

Solve : mac cloning and arp cache?

Answer»
Hi
mac cloning is one method that the attcker use to change his mac to another mac by simple command as in linux can change the mac. the arp cache read the original mac from the bios when pc startup. this cache is read write then why the attacker can change the mac. i think if can change arp cache to read only the attacker can not change his mac and we can prevent from mac cloning but i do not know if i can change the sitting of arp cache to read only. and why this cache put as read write. any body can help me please What are you trying to accomplish here?
Are you trying to prevent computers you manage from changing their MAC address? If yes, why?not to derail the thread, but i converted the binary in your sig deerpark and i must say...huh?It's a reference to my old avatar/sig.
http://en.wikipedia.org/wiki/Flying_Spaghetti_Monster
I am studing spoofing methods and searching for new method to prevent from arp spoofing espically to mac cloning while the attacket change his mac address.Considering an attacker will usually be using his own computer, how did you envision write protecting the ARP cache on a computer he has full control over?
There are plenty of tools out there designed for detecting ARP poisoning. I think this is the way you NEED to go because it isn't feasible to prevent computers you have no control over from changing their MAC addresses. I miss FSM..... As long as you hold His Pastaness in your heart he will never truly be GONE. I think you do not understand me. i do not search about how can prevent my pc from mac cloning .i am seraching for universal solution if we change the cache that contains the mac in os then nobody can change his mac and then mac cloning can prevent
i hope you understand meSorry that i can't help but thought of responding here since i had a "arp cache" issue that has just arisen and i posted here in "other" not knowing what kind of issue this is but have had zero responses.

There is nothing in any of my messages that mentions the "mac address" but mentions the network administrator or person who manges my network to CLEAR the "arp cache".

Can what is happening to me be similar to what is happening in your case?

i did a google search and found some information about dumping the "arp cache", but following the instructions given results in another MS warning sound and a message which as often happens makes little or no sense to me what-so-ever.

Good luck with finding an answer to you question. i'll KEEP my eye on this post to see if anything seems relative to my situation.First of all, changing one's MAC address can be useful in network diagnostics so disabling that ability is a bad idea.
Second of all, there are 1000s of operating systems out there, it would be impossible to make them all agree to disable the feature.
Third of all, even if somehow all operating system did agree on this many operating systems are open source. So anyone COULD make a patch and re-enable the ability to change MAC addresses.

The real problem here is that the current internet architecture was never meant for the kind of use it is seeing now. It was never designed with security in mind for example, the internet did start out as a trusted network after all.
ARP spoofing is one of the symptoms of these problems. I don't think anything less than a complete rethinking of how the internet is supposed to be structured is really going to fix this.Deerpark,

"I don't think anything less than a complete rethinking of how the internet is supposed to be structured is really going to fix this."

Agreed. But who is left with the task of doing that?

It occurs to me that the same thing could be said about government.
\

K


Discussion

No Comment Found

Related InterviewSolutions