Re: Network Security

From: Karl Levinson [x y] mvp (levinson_k@excite.com)
Date: 02/20/03 

From: "Karl Levinson [x y] mvp" <levinson_k@excite.com>
Date: Wed, 19 Feb 2003 23:09:18 -0500

I"m not really sure what your question is or what type of exploit you're
trying to prevent.

Forging MAC address is trivial to do, so I'm not sure this is a good way to
go.

You could set up your DHCP server with a DHCP reservation mapping one IP
address to one MAC address and then remove all the other free IP addresses
from the DHCP server, but this would not prevent someone from choosing their
own static IP address. It would also involve work on your part. To
determine the MAC address for each device, you could ping that device from a
computer that is on the same subnet [e.g NOT through a router] and then use
the ARP -a ip_address command to get the current MAC address.

Possibly some switches, routers and firewalls [I'm thinking Linux firewalls]
might let you block certain MAC addresses from communicating to other
computers through that device, but this is probably not advisable.

If you want to block access to the internet, you probably want a firewall
that will do user authentication. Or, a proxy server such as Squid which is
free might be helpful also.

If you've got Windows 2000 / NT / XP, you could set up logon restrictions
so that only certain users can log in from specified computers... but this
wouldn't prevent someone's windows 9x / ME laptop from logging into the
network.

"Mark Irvine" <markpirvine@hotmail.com> wrote in message
news:u5UD1Dz1CHA.1768@TK2MSFTNGP12...
> Hi,
>
> I was wondering if someone could tell me how I should go about preventing
> access to a w2k network via the NIC's MAC address?
>
> Mark
>
>

Relevant Pages

  • Re: Network Security
    ... >>I've been tasked to protect out network from unwanted clients ... > configure the DHCP server to only give out addresses to specific MAC ... > that says no visiting computers. ... >>not 'known' to us then we can stop it getting an IP from the DHCP server? ...
    (linux.redhat)
  • Re: MS Politics
    ... It also adds a whole slew of media center capabilities. ... a tiny percentage of Windows users have ever installed it. ... and have powerful computers and high-bandwidth ... Turn Mac on. ...
    (borland.public.delphi.non-technical)
  • Re: OT: Which PC Laptop?
    ... but if it's a home pc, then it will be in living rooms, and thus it's ... so that a room isn't taken over by computers. ... we haven't plugged the led fans in and the ... why there are PC and Mac folk. ...
    (uk.comp.sys.mac)
  • Re: Macs in the Enterprise. Be careful what you wish for.
    ... for your video streaming bandwidth, ... does not allow them to configure hardware on their computers. ... The point is, that a weak Mac, devoid of the coolest Mac applications ...
    (comp.sys.mac.advocacy)
  • Re: best antivirus solution for a Mac.
    ... updates for Panther in the last year too. ... packs and several security updates. ... Both of my computers, as well as the computers in ... I think that it is great that you are productive on a Mac. ...
    (microsoft.public.macintosh.general)