[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Mac Address Filter



On Sat, Jun 08, 2002 at 10:52:26PM +0200, Philipp Buehler wrote:
> On 08/06/2002, O. Matt <init64_(_at_)_kodee_(_dot_)_org> wrote To misc_(_at_)_openbsd_(_dot_)_org:
> > > I'd like to hear some "arguments" why this is so
> > > desired.
> > For security purposes, on my local wireless P2P network, I have to
control
> > the access to my gateway.
>
> oh yes.
>
> > As WEP is really unsecure, I need to have an ipsec security. But some
> > hosts on the network don't have an ipsec implementation. So, I think a
>
> which OS still cant support ipsec, but has wavelan?

The old MacOS 9 :) Members of my family still use it...
	* no comment *

> > mac filtering rule would be fine.
>
> Well, I sniff your running connection, change the MAC of my card
> to yours, connect when you are offline. Bingo.
Yep, but if no MAC address filtering is set, having an access to the
gateway is harder. You have first to break the WEP security, then find
an IP and guess that you should sniff for the associated MAC address.
But I know, it's still a weak protection.
--
Olivier Matt, alias Init64
$a+=(~$a^$a)>>((log((~$a|$a)+1)/log(2)-1)); # Remplir & décaler
mailto:omatt_(_at_)_ulp_(_dot_)_u-strasbg_(_dot_)_fr  # for university related content
Jabber ID: init64_(_at_)_charente_(_dot_)_de               GPG KeyID: C19C2325

[demime 0.98d removed an attachment of type application/pgp-signature]



Visit your host, monkey.org