Re: GARP Confusion - SRND vs. Other Guides from Carlos G Mendioroz on 2010-01-20 (Ccielab archives 01/2010)

From: Carlos G Mendioroz <tron_at_huapi.ba.ar>
Date: Wed, 20 Jan 2010 20:42:56 -0300

AFAIK, setting GARP off at the phone will tell the phone to ignore
GARPs, i.e., to only pay attention to ARP responses received after
a local query.

Sounds good at first, but then it breaks some HA gadgets, nothing
very serious I guess.

-Carlos

ALL From_NJ @ 20/01/2010 17:26 -0300 dixit:
> I too am an amateur when it comes to security ... a nice thread, thanks for
> sending.
>
> AFAIK, you really can't stop every pc from sending garp or trying to become
> MITM. Some one please correct me if I am wrong.
>
> It is pretty easy for a compromised device to try and sabotage your network
> and or cause false arp and or dhcp resource problems and depletion.
>
> If man in the middle attacks are a really a concern, rather than only
> turning off garp, then I would suggest:
>
> turn on dhcp snooping
> turn on DAI
>
> These two would secure your network better than simply turning off garp on
> selective devices.
>
> you might be able to turn off listening to garp on the phones, but how to
> keep all your PCs from accepting and or sending this? Back to dhcp snooping
> and dai ...
>
> Would appreciate anyone's testimony on this as well. It would be
> interesting to hear.
>
> HTH and have a great day,
>
> Andrew Lee Lissitz
>
>
> .
> On Wed, Jan 20, 2010 at 2:00 PM, <armylegionmedic_at_aol.com> wrote:
>
>> Thanks for the reply. One thing that throws me off on this, and I am FAR
>> from
>> a Security ANYTHING including newbie, but dont these two contradict
>> eachother?
>> What one says its fixing or preventing the other says GARP opens it up for.
>>
>>
>>
>>
>>
>> -----Original Message-----
>> From: Marshall Stacks <catheadcatheadcathead_at_gmail.com>
>> To: armylegionmedic_at_aol.com
>> Cc: ccielab_at_groupstudy.com
>> Sent: Wed, Jan 20, 2010 10:58 am
>> Subject: Re: GARP Confusion - SRND vs. Other Guides
>>
>>
>> Yeah I got thoroughly confused by this when prepping for CCVP. My $0.02 is
>> that when talking "security" GARP should be disabled.
>>
>> John
>>
>>
>> On Wed, Jan 20, 2010 at 9:40 AM, <armylegionmedic_at_aol.com> wrote:
>>
>> Hello experts,
>>
>> So I was reviewing some information on the SRND for 6.X and found the
>> following
>> Gratuitous ARP
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>

-- 
Carlos G Mendioroz  <tron_at_huapi.ba.ar>  LW7 EQI  Argentina
Blogs and organic groups at http://www.ccie.net

Received on Wed Jan 20 2010 - 20:42:56 ART

This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:41 ART