Security Basics mailing list archives
Re: MAC Authentication device
From: "David Nichols" <dnichols () amci com>
Date: Thu, 20 Nov 2003 15:21:57 -0500
You can still use MAC filtering by having your "trusted network" on one side of the firewall and everything else on the other. Think of a firewall/router as a device that connects two networks, not just a public network (the internet) to a private network. Most large scale private networks use routers to breakup broadcast domains. As far as an authentication device that only allows a network login based on a list of allowable MAC addresses, I don't know of one. But it is an interesting idea. In Linux terms, you could probably build a dedicated authentication server that runs netfilter/iptables rules to kill packets that aren't on the "approved" MAC list before they even get out of the TCP/IP stack. I'm not sure if you can do the same thing on a single Windows box, but I'm sure you can do it by placing a filtering router between the authentication server and the rest of the network as suggested above. David Nichols ----- Original Message ----- From: "aladin168" <aladin168 () hotmail com> To: <security-basics () securityfocus com> Sent: Tuesday, November 18, 2003 4:54 PM Subject: MAC Authentication device
Hi, Can anyone recommend a device that will do MAC Address Authentication
before allowing a user/computer to connect to the network. This is different then MAC Address filtering, which allow or disallow access to the Internet for the the systems that are already on the network.
I am trying to find a cheap device that will help me control non-employees
accessing our trusted network.
Thanks, /Kyle --------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- MAC Authentication device aladin168 (Nov 19)
- RE: MAC Authentication device Hasnain Atique (Nov 20)
- Re: MAC Authentication device Tim Syratt (Nov 20)
- Re: MAC Authentication device Oleksandr Darchuk (Nov 20)
- Re: MAC Authentication device Ansgar -59cobalt- Wiechers (Nov 20)
- Re: MAC Authentication device Timo Schoeler (Nov 20)
- RE: MAC Authentication device arek (Nov 21)
- Re: MAC Authentication device Timo Schoeler (Nov 20)
- Re: MAC Authentication device David Nichols (Nov 20)
- Re: MAC Authentication device Kevin Saenz (Nov 21)
- <Possible follow-ups>
- RE: MAC Authentication device Mike (Nov 20)
- Re: MAC Authentication device InCisT (Nov 20)
- Re: MAC Authentication device Fernando Gont (Nov 20)
- RE: MAC Authentication device Mike (Nov 20)
- RE: MAC Authentication device Mike (Nov 20)
- RE: MAC Authentication device Wilcox, Stephen (Nov 20)
- Re: MAC Authentication device Joann Jane (Nov 21)
- RE: MAC Authentication device Batkin, Seva (Nov 21)