Re: GARP Confusion - SRND vs. Other Guides from ALL From_NJ on 2010-01-20 (Ccielab archives 01/2010)

From: ALL From_NJ <all.from.nj_at_gmail.com>
Date: Wed, 20 Jan 2010 15:26:11 -0500

I too am an amateur when it comes to security ... a nice thread, thanks for
sending.

AFAIK, you really can't stop every pc from sending garp or trying to become
MITM. Some one please correct me if I am wrong.

It is pretty easy for a compromised device to try and sabotage your network
and or cause false arp and or dhcp resource problems and depletion.

If man in the middle attacks are a really a concern, rather than only
turning off garp, then I would suggest:

turn on dhcp snooping
turn on DAI

These two would secure your network better than simply turning off garp on
selective devices.

you might be able to turn off listening to garp on the phones, but how to
keep all your PCs from accepting and or sending this? Back to dhcp snooping
and dai ...

Would appreciate anyone's testimony on this as well. It would be
interesting to hear.

HTH and have a great day,

Andrew Lee Lissitz

.
On Wed, Jan 20, 2010 at 2:00 PM, <armylegionmedic_at_aol.com> wrote:

> Thanks for the reply. One thing that throws me off on this, and I am FAR
> from
> a Security ANYTHING including newbie, but dont these two contradict
> eachother?
> What one says its fixing or preventing the other says GARP opens it up for.
>
>
>
>
>
> -----Original Message-----
> From: Marshall Stacks <catheadcatheadcathead_at_gmail.com>
> To: armylegionmedic_at_aol.com
> Cc: ccielab_at_groupstudy.com
> Sent: Wed, Jan 20, 2010 10:58 am
> Subject: Re: GARP Confusion - SRND vs. Other Guides
>
>
> Yeah I got thoroughly confused by this when prepping for CCVP. My $0.02 is
> that when talking "security" GARP should be disabled.
>
> John
>
>
> On Wed, Jan 20, 2010 at 9:40 AM, <armylegionmedic_at_aol.com> wrote:
>
> Hello experts,
>
> So I was reviewing some information on the SRND for 6.X and found the
> following
> Gratuitous ARP
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
Andrew Lee Lissitz
all.from.nj_at_gmail.com
Blogs and organic groups at http://www.ccie.net

Received on Wed Jan 20 2010 - 15:26:11 ART

This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:41 ART