|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Controlling access at the Ethernet level
From: Dan Ros (dan.ros
nildram.net)
Date: Mon Apr 05 2004 - 04:59:40 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> -----Original Message-----
> From: Adrian Penisoara [mailto:adyfreebsd.ady.ro]
> Sent: 04 April 2004 19:23
> To: freebsd-securityfreebsd.org
> Cc: freebsd-ispfreebsd.org
> Subject: Q: Controlling access at the Ethernet level
>
>
> We are facing service theft through impersonation, either
> solely IP
> or both IP and Ethernet MAC address. Securing IP access was solved
> using a static ARP scheme (we used "staticarp" for the
> internal gateway
> interface and tied to it a fixed list of IP/MAC tuples), but some of
> the clients learnt how to change both the IP and the MAC.
...
This sounds like a university residential halls network, am I right?
For what it's worth, the university I attend has tried both DHCP by mac
address, static arp and so on. Eventually now they have given up and the
cost of the network connection is simply included in the rent for the room.
That way they do not have to worry about unauthorised access.
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]