> At $work, we're having more and more problems with people bringing
> laptops etc from home and plugging them in to the network. The company
> policy has always been against this, but it was never really enforced.
> I want to change that.
What's the intention of this policy?
I ask because, depending on the intention, the best attack may be
very different.
As a user, I'd look for ways to workaround any technical restriction you
can try to impose (e.g. clone the MAC of my office's desktop), so to
deter people like me, you'll want to combine technical measures with
social measures, or maybe you'll want to add measures that check that
the machines whose MAC you know are indeed who you think they are.
Or rather than prevent it, you may want to focus on detecting it, so
that you can know who does it.
Furthermore, you may want to offer some way for users to use their home
laptop in a way that's accepted by corporate policy (e.g. providing
a parallel "unsecured" network), so as to reduce the incentives for
users to break policy.
Stefan
_______________________________________________
mlug mailing list
[email protected]
https://listes.koumbit.net/cgi-bin/mailman/listinfo/mlug-listserv.mlug.ca
