Firewall Wizards mailing list archives
Re: Blocking at firewall via MAC address
From: Mark Brown <broonie () sirena org uk>
Date: Sun, 16 Dec 2001 16:52:42 +0000
On Sat, Dec 15, 2001 at 10:46:07AM -0800, Stephen P. Berry wrote:
On your OpenBSD box, run a little daemon that uses libpcap (or equivalent) to look at all the traffic coming from the subnet, with a simple filter rule that matches all traffic not originating from your known ether/IP pairs. Have it page you whenever it sees anything. This won't prevent
There is a tool called arpwatch (which is, I believe, included in the OpenBSD ports collection) which can do most of this. -- "You grabbed my hand and we fell into it, like a daydream - or a fever." _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- potential network attacks Daniel Handley (Dec 13)
- Blocking at firewall via MAC address B. Scott Harroff (Dec 14)
- Re: Blocking at firewall via MAC address Patrick Darden (Dec 15)
- Re: Blocking at firewall via MAC address Paul Robertson (Dec 16)
- Re: Blocking at firewall via MAC address black (Dec 15)
- Re: Blocking at firewall via MAC address B. Scott Harroff (Dec 15)
- Re: Blocking at firewall via MAC address Stephen P. Berry (Dec 16)
- Re: Blocking at firewall via MAC address Mark Brown (Dec 17)
- Re: Blocking at firewall via MAC address R. DuFresne (Dec 16)
- Re: Blocking at firewall via MAC address B. Scott Harroff (Dec 16)
- Re: Blocking at firewall via MAC address Ryan McBride (Dec 17)
- Re: Blocking at firewall via MAC address Paul Cardon (Dec 17)
- Re: Blocking at firewall via MAC address David Lang (Dec 17)
- Re: Blocking at firewall via MAC address Patrick Darden (Dec 15)
- Blocking at firewall via MAC address B. Scott Harroff (Dec 14)
- Re: Blocking at firewall via MAC address Patrick Darden (Dec 17)