Any security based on something as simple and as trusting as MAC addresses or IPs is not security at all.
IP addresses and MAC addresses were conceived before people had really thought of network security, they were still just trying to get these new fanged adding machines to talk to each other. And as such these technologies do not lend themselves to secure networks. If you are really trying to get a secure network you need to use a technology that was engineered for security from the beginning. The best known example would be 802.1x. And from reading your post it seems that it would work for your environment. PacketFence has great 802.1x support via its FreeRADIUS integration. I happen to know from experience that the Cisco 2950 supports 802.1x, cisco calls it Port-Based Authentication, but it is 802.1x. Try it, I think it will surprise you. It will certainly meet all of the items you listed. Jake Sallee Godfather of Bandwidth Network Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 ________________________________ From: Grégoire Leroy [[email protected]] Sent: Sunday, May 13, 2012 5:56 PM To: [email protected] Subject: [PacketFence-users] Struggle with MAC/IP usurpation Hi, I manage the network of a student residence. I wish to know if PacketFence is able to struggle with the identity (MAC/IP) usurpation in my case : rooms are connected with 2950 Cisco switches, and students can connect in any room. I search for a solution which : -is able to prevent a student from stealing the MAC/IP addresses of another student -leave students to connect themselves in others rooms (login/password ?). -doesn't require login/password each time a student wants to access to the network in his own room with his own MAC/address. I've read the features lists and the documentation but I don't manage to know if it's really possible with these conditions. Thanks, Regards, Grégoire Leroy ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
