Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Blocking at firewall via MAC address

From: "R. DuFresne" <dufresne () sysinfo com>
Date: Sat, 15 Dec 2001 15:59:32 -0500 (EST)
On Fri, 14 Dec 2001, B. Scott Harroff wrote:


overcome.  Consider this: If you have the ability to change the MAC address,
you still have to know what the correct MAC address is you need to fake -
which will not be public information.  Also, that MAC will have to
correspond to a certain predetermined IP, another bit of non-public
information.  The combination of the two creates a relative cheap
challenging hurdle.



Spoofing IP's on the network while the real machine<s> is/are up and
active will reveal MAC addressing, it's not that hard to get the mappings,
one can also just strat scarfing up MAC addresses via arp, so, those not
clued into the MAC/IP mappings can get this info with little if any real
skill needed.

Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  sysinfo.com
                  http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: