RE: MAC level authentication or filtering

From: Roy Sgan-Cohen (Roys_at_xor-t.com)
Date: 10/08/04

  • Next message: Yvan Boily: "RE: Tutorial on Batch files and scripting" 
    Date: Fri, 8 Oct 2004 18:34:54 +0200
To: <kurtbuff@spro.net>, <dnardoni@firstresponseconsulting.com>, <security-basics@securityfocus.com>

    There still is a management problem of simply managing all these MAC
    filtering on all the switches in the organization (in case that this is
    a big organization, of course).

    -----Original Message-----
    From: Kurt [mailto:kurtbuff@spro.net]
    Sent: Friday, October 08, 2004 1:37 AM
    To: dnardoni@firstresponseconsulting.com;
    security-basics@securityfocus.com
    Subject: RE: MAC level authentication or filtering

    Depending on your switches, you could use MAC address filtering there,
    by specifiying that only certain addresses can use each port.

    | -----Original Message-----
    | From: David Nardoni [mailto:dnardoni@firstresponseconsulting.com]
    | Sent: Thursday, October 07, 2004 09:54
    | To: security-basics@securityfocus.com
    | Subject: MAC level authentication or filtering
    |
    |
    | I need a solution that will allow me to prevent a user from coming in
    | to my office and plugging in a laptop and gaining access to the
    | network.
    |
    | I have users that are currently using thin clients to connect to the
    | main server to do all their processing. If a legitimate user turns
    | bad and decides to bring in a system (laptop) from home and connect it

    | to the network and proceed to use their proper username and password
    | to gather information from terminal services, I want to be able to
    | recognize that they have plugged in an unauthorized system and keep
    | them from gaining access to the network.
    |
    | I welcome all ideas no matter what vendor solution or no matter how
    | simple or complex. If you need more info on the situation let me
    | know.
    |
    |
    | Dave Nardoni CISSP
    | First Response Consulting Services, Inc.
    | dnardoni@firstresponseconsulting.com
    |
    |

  • Next message: Yvan Boily: "RE: Tutorial on Batch files and scripting"

    Relevant Pages

    • Re: New Vista Laptop Does Not Connect
      ... Some computers may have a problem to access a wireless with MAC address filtering and WEP enabled. ... How to Setup Windows, Network, VPN & Remote Access on ...
      (microsoft.public.windows.vista.networking_sharing)
    • Re: Network Protection
      ... his IP address and add it to the blocklist of the router. ... MAC addresses rather than worry about every possible MAC address to block. ... reported by Windows, reboot, and then use your network. ... My low-end consumer-grade Linksys router has MAC filtering but it filters ...
      (microsoft.public.security)
    • Re: Unknown computer on home network
      ... >> I'm guessing that you are using a wireless network here. ... >> filtering on your router. ... That way only computers that are entered into ... but MAC filtering works better IMO. ...
      (microsoft.public.windowsxp.network_web)
    • Re: Unknown computer on home network
      ... > I'm guessing that you are using a wireless network here. ... > filtering on your router. ... That way only computers that are entered into ... but MAC filtering works better IMO. ...
      (microsoft.public.windowsxp.network_web)
    • Re: kern/109815: wrong interface identifier at pfil_hooks for vlans + if_bridge
      ... Now we have two cases for behaviour of filtering. ... So now we can filter packets treating dst interface ... and do not take in to account the dst MAC. ... bridge that is serving around 60 hosts. ...
      (freebsd-net)