Full Disclosure mailing list archives
Re: Snatching IP on LAN, how to DoS/block such machines?
From: Kristian Hermansen <khermansen () ht-technology com>
Date: Sun, 24 Jul 2005 09:34:53 -0400
On Thu, 2005-07-21 at 04:04 +0100, Niklas <maxxess () gmail com> wrote:
How do you "shut down" such hijackers? Blocking MAC at router level is not an option since the real machine might be turned on later (unblocking, as well as blocking, involves net admin, thoose changes doesn't happen in real time, probably week time :))
At universities I have been to, we always needed to sign into a preliminary device with our user/pass first. Until the user is authenticated, they remain on a VLAN which has limited access, or possibly none -- redirecting everything to the auth site. Upon auth, however, the user is popped off the VLAN and onto the Uni network and given a public IP. This is also done at MIT and various other places. It is the easiest way to authenticate your users from my perspective :-) Additionally, if you are just worried about p2p traffic, check out something like a PacketShaper from Packateer. It is a layer7 filtering device with a nice web admin tool that allows you to customize any protocol's bandwidth usage (0 KB/s if you want). So, that is something else for you to check out...where do you work? -- Kristian Hermansen <khermansen () ht-technology com>
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Snatching IP on LAN, how to DoS/block such machines? Niklas (Jul 20)
- <Possible follow-ups>
- Re: Snatching IP on LAN, how to DoS/block such machines? Kristian Hermansen (Jul 24)