LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-12-2004, 09:35 PM   #1
Tinkster
Moderator
 
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928Reputation: 928
Win98 hi-jacking IP's ...


Hi guys,

I've been googling all afternoon, but couldn't
come up with a solution ...

Our boy was mucking around with his windows,
and "hi-jacked" the IP of my workstation... I know
how to use iptables to stop him from going outside
with my IP, but I would like to know how I can
prevent such a thing completely... my NFS connection
broke down after he grabbed my IP.


Cheers,
Tink
 
Old 01-12-2004, 09:48 PM   #2
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 76
Well, an OS shouldn't allow you to assign yourself an IP that exists on the local network segment, but it's very possible that Win98 will ignore ARP errors.

The only thing that comes to mind is that you could write a script to automatically adds definitions for all your other machines on boot. The following snippet is from the OpenBSD arp(8) man page:
Quote:
ARP(8) OpenBSD System Manager's Manual ARP(8)

NAME
arp - address resolution display and control

SYNOPSIS
arp [-n] hostname
arp [-n] -a
arp -d hostname
arp -d -a
arp -s hostname ether_addr [temp | permanent] [pub]
arp -f filename

DESCRIPTION
The arp program displays and modifies the Internet-to-Ethernet address
translation tables used by the address resolution protocol (arp(4)).
With no flags, the program displays the current ARP entry for hostname.
The host may be specified by name or by number, using Internet dot nota-
tion.

Available options:

-a The program displays or deletes all of the current ARP entries.

-d A superuser may delete an entry for the host called hostname with
the -d flag.

Alternatively, the -d flag may be combined with the -a flag to
delete all entries, with hostname lookups automatically disabled.

-n Show network addresses as numbers (normally arp attempts to dis-
play addresses symbolically).

-s hostname ether_addr
Create an ARP entry for the host called hostname with the Ether-
net address ether_addr. The Ethernet address is given as six hex
bytes separated by colons. The entry will be static, i.e., not
time out, unless the word temp is given in the command. A static
ARP entry can be overwritten by network traffic, unless the word
permanent is given. If the word pub is given, the entry will be
``published''; i.e., this system will act as an ARP server, re-
sponding to requests for hostname even though the host address is
not its own. This behavior has traditionally been called proxy
arp.

-f Causes the file filename to be read and multiple entries to be
set in the ARP tables. Entries in the file should be of the form

hostname ether_addr [temp | permanent] [pub]

with argument meanings as given above.

EXAMPLES
To view the current arp table:

$ arp -a

To create a permanent entry (One that cannot be overwritten by other net-
work traffic):

# arp -s 10.0.0.2 00:90:27:bb:cc:dd permanent

...
Edit: this is the last edit, I swear...
So essentially what this is doing is telling all the other hosts to ignore a host that pretends to be something other than it is. Note that you'll have to use arp -s on every host that you want protected.

Last edited by chort; 01-12-2004 at 09:52 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
IPTables - Multiple Public IP's to private IP's matneyc Linux - Security 8 05-27-2005 12:23 PM
firewalls and IP's petezilla Linux - Networking 8 04-11-2004 04:13 PM
More ip's ThePlague Linux - Networking 1 02-02-2002 04:19 PM
ip's Syphon Linux - Networking 1 01-18-2002 07:35 PM
Linux/Win98 Dual Boot, Win98 won't boot TIMMY! Linux - Software 21 04-18-2001 03:17 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:19 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration