Subject: Re: inetd.conf defaults
To: Erik Fair <fair@clock.org>
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
List: tech-net
Date: 05/28/2000 13:56:08
Erik Fair writes:
> It would have to be quite the DoS attack - the typical 10/100 FDX 
> switch in that 8-port, $100 category has the capacity to handle 8,000 
> MAC addresses...

It should only take a fractional second to send that many forged ARP
replys.

I'd hate to base my unix machine's security at the mercy of how well
some non peer-reviewed firmware in some cost-sensitive consumer device
is functioning.

-wolfgang
-- 
Wolfgang Rupprecht    <wolfgang@wsrcc.com>     http://www.wsrcc.com/wolfgang/
DGPS signals via the Internet  http://www.wsrcc.com/wolfgang/gps/dgps-ip.html