/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Johnny Vstberg wrote:
> I am currently experiencing a small security leak here, some peepz is
> stealing IP4s that have access to the internet. THey normally get IP4s
> from my DHCP server, but a few is setting a static IP (which have
> access to the internet). and now a few is "stealing" the IP4s. Any way I
> can get ip_masq to authenticate by hardware adress instead of just ip?.
>
> Since I have to reschedule the IP4s and all the cron settings to
> specific IP4s and I dont have time doing that every day or week or so.
> Is this possible in anyway? or at least making it somewhat more secure.
>
> thanks in advance
> //Johnny
no. but netfilter (linux-2.4) can.
are you sure that'll help. are the ip theifs local users?
if so, won't they have mac addresses that you consider
valid?
you could set it up so that as your dhcp server gave
out or reclaimed addresses, they firewall immediately
gets updated. that way, only valid ip addresses (from
the dhcp server's point of view) can be used.
raf
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
