Re: MAC level authentication or filtering

[Ajay <abra9823 () mail usyd edu au>]

Quoting David Nardoni <dnardoni () firstresponseconsulting com>:

> I need a solution that will allow me to prevent a user from coming in to
> my
> office and plugging in a laptop and gaining access to the network.
>
> I have users that are currently using thin clients to connect to the
> main
> server to do all their processing.  If a legitimate user turns bad and
> decides to bring in a system (laptop) from home and connect it to the
> network and proceed to use their proper username and password to gather
> information from terminal services, I want to be able to recognize that
> they
> have plugged in an unauthorized system and keep them from gaining access
> to
> the network.
>
> I welcome all ideas no matter what vendor solution or no matter how
> simple
> or complex.  If you need more info on the situation let me know.
i would have said MAC addresses but those can be changed. The person could
take the MAC address of the computer that is allowed to connect to the
network and which may be switched off and use that.
i'm afraid i can't think of anything else





> Dave Nardoni CISSP
> First Response Consulting Services, Inc.
> dnardoni () firstresponseconsulting com


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.