Re: [fw-wiz] Content filtering - how to enforce at home



Le 9/8/2010 9:18 PM, Wieslaw Lubas a écrit :
Hi,

Scenario 1a. Smart 7 years young hacker replaces "appliance" with some non-filtering proxy, using the same IP. How to avoid this hack?

Scenario 2a. Smart 7 years young hacker clones "appliance" MAC and connects dorectly to CPE.How to avoid this hack? 802.1x?

Scenario 2b. CPE is provider-managed - in my case cable modem acting as a bridge. No mac filtering. Any connected DHCP client gets online. Anything else than physical lock will help (connecting cable modem with "appliance", setting up appliance as DHCP server, both boxes secured with key in enclosure)?

Is there any software based solution that could do the job?

This 7 years hacker is so smart he will replace the software running on the PC with a livecd to bypass the software restriction.
Unless you find a PC without CD and USB port.
Specifically, tamper proof network driver acting as ICAP client (I could install filter with ICAP server in remote location).

Wieslaw
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards