OpenVZ Forum


Home » Mailing lists » Users » ARP attacks in OpenVZ?
ARP attacks in OpenVZ? [message #30343] Wed, 21 May 2008 22:49
Gregor Mosheh is currently offline  Gregor Mosheh
Messages: 62
Registered: April 2007
Member
From: openvz.org
Hey there. I am curious to what degree VEs (using veth, to be exact) can 
engage in ARP attacks, e.g. ARP poisoning, ARP spoofing, and so on. I'm 
asking not only about VEs within a HN but a VE spoofing a IP on another 
HN on the same LAN.

I see that the HN performs proxy ARP, but are VEs actually prevented 
from generating ARP traffic?

I know too that veth routing is very stringent, e.g. veth10.0 is the 
only route to a given IP, so I suspect that ARP spoofing even if 
possible would be ineffective.

Any other thoughts on the topic?

-- 
Gregor Mosheh / Greg Allensworth, BS, A+
System Administrator
HostGIS cartographic development & hosting services
http://www.HostGIS.com/

"Remember that no one cares if you can back up,
  only if you can restore." - AMANDA
Previous Topic: Infinite loop in __d_lookup ?
Next Topic: xt_mark support
Goto Forum:
  


Current Time: Sat Dec 14 00:22:42 GMT 2019