Security Basics mailing list archives
Re: Network Access Quarantine
From: Random Task <rand0m_t4sk () yahoo com>
Date: Tue, 27 Jan 2004 08:54:28 -0800 (PST)
A lot of universities use a system similar to this in residence halls. You plug in, your MAC is checked on an allowed list, not found, so your DHCP request is fulfilled by a public server that performs a port 80 redirect to a registration/login page. The DHCP lease is set to five or ten seconds, so after registering, one basically must wait for the page to reload, then they've already bopped over to the DHCP server with more access.

There was an article on Slashdot about someone patenting this process (WRT wireless hotspots) and a few people posted some info on this type of thing.

Mainly though, I'm thinking you may have better luck looking for a system that meets these parameters. I'm sure you can find a university somewhere that coded their own and made it open source, if there isn't already an open source version. Once you find one, you just change the HTML stuff to run the scan before allowing it. I know the University of Minnesota did something like this when students came back to class in September to try and keep Blaster off the network. Perhaps start here: http://www1.umn.edu/nts

--- Steve <securityfocus () delahunty com> wrote:
Why not force them to VPN in? Sure, there would be overhead for that, and costs for the VPN.

I had a thought about this, and wonder what the group thinks of this approach. With the security issues we now face in the workplace, I could see a good case for a real firewall between the actual end-users (employees) and our systems. I mean, why should regular old employees have direct access to all network servers anyway other than what they need for email etc? Sure this would take some work to set up the firewall ruleset internally but think about how recently we have all seen corporate servers running the risk of being infected by Nimda etc from inside our networks, not the fear if those ports are blocked between the servers and the employees. Just an interesting thought.

----- Original Message -----
From: "Nagy Gergely" <gergely.nagy () is-energy hu>
To: <security-basics () securityfocus com>
Sent: Wednesday, January 21, 2004 2:49 AM
Subject: Network Access Quarantine

Hi all,

Do you have a solution for the following: I would need a DHCP quarantine which works as a virtual LAN or something. The main role would be to check all the PCs that connect to the LAN for security patches and viruses before letting them connect to the real one. If they comply with the company policy they can be forwarded to the real and live network where they can work as they usually do.

I have searched the net, but couldn't find anything like this. I could find this solution for dial-in and VPN users, but not for local ones.

Any help would be kindly appreciated.

Greg

This message was checked against viruses!
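The quarantine flow described in the message above (MAC allowed-list check, short lease on the registration network, scan before registration), modelled as an added example that is not part of the original thread. The class and function names, address ranges, MAC address and production lease time are assumptions made for illustration.

```python
from dataclasses import dataclass, field

QUARANTINE_LEASE_S = 10       # the post says "five or ten seconds"
PRODUCTION_LEASE_S = 86400    # assumed; the post gives no value
PREFIX = {"quarantine": "192.168.250.", "production": "10.20.0."}  # constructed ranges

@dataclass
class Lease:
    network: str
    ip: str
    expires_at: int

@dataclass
class QuarantineDhcp:
    registered: set = field(default_factory=set)    # the MAC allowed list
    leases: dict = field(default_factory=dict)      # mac -> Lease
    next_host: dict = field(default_factory=lambda: {"quarantine": 10, "production": 10})

    def request(self, mac, now):
        """Answer a DHCP request: registered MACs get production, all others quarantine."""
        mac = mac.lower()
        network = "production" if mac in self.registered else "quarantine"
        old = self.leases.get(mac)
        if old and old.network == network and old.expires_at > now:
            ip = old.ip                              # plain renewal keeps the address
        else:
            ip = PREFIX[network] + str(self.next_host[network])
            self.next_host[network] += 1
        ttl = PRODUCTION_LEASE_S if network == "production" else QUARANTINE_LEASE_S
        self.leases[mac] = Lease(network, ip, now + ttl)
        return self.leases[mac]

    def register(self, mac, scan_passed):
        """Registration page handler: allow-list the MAC only if the scan passed."""
        if scan_passed:
            self.registered.add(mac.lower())
        return scan_passed

def walk_through():
    dhcp, mac = QuarantineDhcp(), "00:11:22:33:44:55"   # constructed MAC
    seen = [dhcp.request(mac, now=0)]                   # unknown MAC
    dhcp.register(mac, scan_passed=False)               # unpatched host is refused
    seen.append(dhcp.request(mac, now=8))               # renewal, still quarantined
    dhcp.register(mac, scan_passed=True)                # patched and rescanned
    seen.append(dhcp.request(mac, now=16))              # next renewal moves it over
    return [(l.network, l.ip, l.expires_at) for l in seen]
```

The short quarantine lease is what bounds how long a host waits on the registration network after it passes the scan.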
Current thread:
- Network Access Quarantine Nagy Gergely (Jan 21)
- Re: Network Access Quarantine JM (Jan 22)
- Re: Network Access Quarantine Steve (Jan 26)
- Re: Network Access Quarantine Random Task (Jan 27)
- <Possible follow-ups>
- RE: Network Access Quarantine Moody, Chris (Jan 21)
- RE: Network Access Quarantine Rosenhan, David (Jan 21)
- RE: Network Access Quarantine Nagy Gergely (Jan 22)
- RE: Network Access Quarantine Kuhl, Vince (DotComm) (Jan 21)
- Re: Network Access Quarantine Matthew Kemp (Jan 22)
- RE: Network Access Quarantine John Kingston (Jan 26)
- RE: Network Access Quarantine Shawn Jackson (Jan 26)
- RE: Network Access Quarantine Rosenhan, David (Jan 26)
- RE: Network Access Quarantine Adams, Tom (Jan 26)
- Re: Network Access Quarantine Jeff Friend (Jan 28)