Hi Rich, It's because I don't want to allow unsupportes OS's on the network (by unsupported I mean the vendor no longer relases patches). Apple only support the current and previous release.
I was hoping just to use DHCP fingerprinting, as I don't use the snort stuff - but perhaps I should look into that. My previous experiences with snort are that it's a little prone to throwing false positives, but I guess I can just enable specific rules for violations in PF. Thanks, Mark On 9 May 2012, at 15:33, "Rich Graves" <[email protected]> wrote: > Why? > > If this is due to Java security issues, something like ( (snort rule 2011582 > or snort rule 2011581) and (os detection MacOS X) ) should work. > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users Nuffield College is a Registered Charity No. 1137506. Registered Office: Nuffield College, New Road, Oxford, OX1 1NF ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
