Security Basics mailing list archives

Re: MAC address


From: Francisco Andrades <fandrades () nextj com>
Date: Fri, 17 Oct 2003 12:36:23 -0400

Hi,

There are several problems with this approach: If your server is behind a firewall (as it should be if it's open to the internet) it will always see the MAC address of the firewall (or router, gateway, proxy, etc). If you plan to use the application within your organization only, it will not work for people on other sub-nets. And you still have issues regarding MACs: ARP spoofing, how to access it from certain languages, etc.

There are security patterns that address session-related attacks. You should always try a proven concept first rather than creating a new technique.

Greetings

n30 wrote:
Guys,

Let's say I am a web programmer and I want to use strong sessions.

Is it possible for the web server to determine the MAC of clients browsing
the application?

If yes, I can programmatically use this MAC address in sessions to prevent
a lot of session-related attacks.

For right now, say I can implement the web application in any language I
want.

Thanks
-n


--
Francisco Andrades Grassi
www.nextj.com
Tlf: +58-414-125-7415
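
The first point in the reply above (a server behind a firewall or router only ever sees that device's MAC) can be seen in a small simulation. This is an added example, not part of the original message; all MAC and IP addresses are constructed, and the helper names (`build_frame`, `route`, `server_view`, `observed`) are hypothetical.

```python
import struct

def mac_bytes(text):
    return bytes(int(part, 16) for part in text.split(":"))

def ip_bytes(text):
    return bytes(int(part) for part in text.split("."))

def build_frame(src_mac, dst_mac, src_ip, dst_ip):
    """Ethernet II header (14 bytes) followed by a bare 20-byte IPv4 header."""
    eth = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800)
    # Checksum left at 0: this sketch never validates it.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                     ip_bytes(src_ip), ip_bytes(dst_ip))
    return eth + ip

def route(frame, router_mac, next_hop_mac):
    """Forward like a router: keep the IP packet, write a new link-layer header."""
    packet = bytearray(frame[14:])
    packet[8] -= 1  # decrement TTL
    return mac_bytes(next_hop_mac) + mac_bytes(router_mac) + frame[12:14] + bytes(packet)

def server_view(frame):
    """Source MAC and source IP as the receiving host reads them."""
    src_mac = ":".join(f"{b:02x}" for b in frame[6:12])
    src_ip = ".".join(str(b) for b in frame[26:30])
    return src_mac, src_ip

# Constructed addresses (locally administered MACs, documentation IP ranges).
SERVER_MAC, SERVER_IP = "02:00:00:00:00:02", "192.0.2.10"
GATEWAY_OUTSIDE_MAC = "02:00:00:00:00:f0"   # client-facing interface
GATEWAY_INSIDE_MAC = "02:00:00:00:00:01"    # server-facing interface

def observed(client_mac, client_ip, routed):
    if not routed:   # same subnet: the frame goes straight to the server
        return server_view(build_frame(client_mac, SERVER_MAC, client_ip, SERVER_IP))
    first_hop = build_frame(client_mac, GATEWAY_OUTSIDE_MAC, client_ip, SERVER_IP)
    return server_view(route(first_hop, GATEWAY_INSIDE_MAC, SERVER_MAC))

if __name__ == "__main__":
    for mac, ip, routed in [("02:00:00:00:00:0a", "198.51.100.7", True),
                            ("02:00:00:00:00:0b", "203.0.113.9", True),
                            ("02:00:00:00:00:0c", "192.0.2.55", False)]:
        print(ip, "routed" if routed else "same subnet", "->", observed(mac, ip, routed))
```

Both routed clients arrive with the gateway's inside MAC, so the value cannot tell their sessions apart; only the same-subnet client's own MAC reaches the server.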



