Why would you have to worry so about security on your LAN? Are you worries somebody is going to break into your house, connect physically to lan, and spoof a mythbox and watch tv? :-p
On Fri, 2005-01-07 at 01:00 -0800, Brad Templeton wrote: > On Fri, Jan 07, 2005 at 08:36:43AM -0000, [EMAIL PROTECTED] wrote: > > Better than that why not do it by MAC address recognition, first time a > > machine > > pops up the backend asks if you want to allow it, if you say yes that > > MAC/IP > > is stored. Next time it pops up it will go oh yes I grant access to that > > one. > > Unfortunately the MAC address is totally insecure. You really want > the remote computer to have some way of remembering something to > authenticate itself. It would be nice, actually, if there were an > official way to make use of some of the unusued flash space the bios > sits in, for example. > > There are some tricks you can play, which are not super secure but > much better than the MAC. For example, you can calculate a signature > of sorts for the hardware of the machine in some fashion (pulling out > non-public things like identifiers of all the non-removable PNP hardware, > anything with serial numbers etc.) It doesn't have to be portable, as > long as you can get something non-guessable that will remain the same > boot to boot. (If it changes you have to re-auth.) > > Then you have a secret number you can use to prove you're the same > machine that authenticated last time. > > Short of all this, the user can type in a password of course. And that's > actually not that dreadful really. Client boots, user enters password, > and you're up. No IP addresses or any of that stuff. This is > easy to implement and modestly secure against random attempts to > screw up your systems. > > _______________________________________________ > mythtv-users mailing list > [email protected] > http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users -- Adam Felson <[EMAIL PROTECTED]>
_______________________________________________ mythtv-users mailing list [email protected] http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
