The use of bridges or switches removes the threat
of sniffing between network segments; likewise, the use of routers removes the
threat of ARP spoofing between IP subnets.
You can separate the trusted hosts (those with IP addresses that might benefit an attacker using ARP spoofing) from subnets on which an attacker might obtain access. Subnetting for security is helpful if physical security prevents attachment to the subnet of the trusted machine. Such subnetting prevents a spoofer from powering down one of the trusted machines and attaching to the subnet on which ARP requests from the trusting machine are broadcast.
A temptation when considering using subnetting to protect from ARP spoofing is to place the machine extending trust on a separate subnet from the machines to which it is extending trust. However, this setup simply places the router in the position of being deceived by an ARP spoof.
If trust is extended on the basis of IP addresses, the machine extending the trust is in turn trusting the routers to deliver the IP datagrams to the correct machine. If the trusted machines are on a separate subnet that is susceptible to ARP spoofing, the router for that subnet must bear the burden of ensuring that IP datagrams get to their legitimate destination. With this setup, you might need to place permanent ARP cache entries for the trusted machines in the router itself.
Finally, it is also important that trusted machines be protected from an ARP spoofer that is attempting to masquerade as the router. Fortunately, routers are typically physically secure and crash rarely or only for a very short time, which makes them difficult to impersonate.
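The permanent ARP cache entries mentioned above and the router-impersonation case can be turned into a simple host-side check: pin the IP-to-MAC bindings of the router and the trusted machines, and flag any ARP reply that advertises a pinned IP with a different MAC. The code below is an added example, not part of the original post; the `ArpReply` records, the addresses and the MACs are constructed sample data.

```python
# Added example: ARP reply monitor with pinned (permanent) bindings.
# A reply that advertises a pinned IP from another MAC is an ALERT; an
# unpinned IP is learned on first sight and a later MAC change is a WARN.
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class ArpReply:
    sender_ip: str
    sender_mac: str


@dataclass
class ArpMonitor:
    pinned: Dict[str, str]                        # IP -> MAC for router and trusted hosts
    learned: Dict[str, str] = field(default_factory=dict)

    def check(self, reply: ArpReply) -> Optional[str]:
        ip, mac = reply.sender_ip, reply.sender_mac.lower()
        expected = self.pinned.get(ip)
        if expected is not None:                   # pinned: any other MAC is a spoof attempt
            if mac != expected.lower():
                return f"ALERT: {ip} pinned to {expected} but advertised by {mac}"
            return None
        seen = self.learned.setdefault(ip, mac)    # unpinned: learn, then watch for changes
        if seen != mac:
            self.learned[ip] = mac
            return f"WARN: {ip} changed from {seen} to {mac}"
        return None


def scan(pinned: Dict[str, str], replies: List[ArpReply]) -> List[str]:
    """Run every reply through one monitor and collect the findings in order."""
    mon = ArpMonitor(pinned)
    findings = []
    for r in replies:
        msg = mon.check(r)
        if msg:
            findings.append(msg)
    return findings


# Constructed sample: 10.0.0.1 is the router, 10.0.0.10 is a trusted host.
PINNED = {"10.0.0.1": "00:11:22:33:44:01", "10.0.0.10": "00:11:22:33:44:0a"}
SAMPLE_REPLIES = [
    ArpReply("10.0.0.1", "00:11:22:33:44:01"),   # legitimate router reply
    ArpReply("10.0.0.50", "00:11:22:33:44:32"),  # unpinned host, learned
    ArpReply("10.0.0.1", "de:ad:be:ef:00:01"),   # another MAC claiming the router
    ArpReply("10.0.0.50", "de:ad:be:ef:00:32"),  # unpinned host changed MAC
    ArpReply("10.0.0.10", "00:11:22:33:44:0A"),  # trusted host, case differs only
]

if __name__ == "__main__":
    for line in scan(PINNED, SAMPLE_REPLIES):
        print(line)
```

On a real host the same check would be fed from a packet capture of ARP replies on the interface, with the pinned table mirroring the static entries configured in the router.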