----- Original Message -----
From: Junix Gaspar
To: plug@lists.linux.org.ph
Sent: Saturday, January 20, 2007 11:24 PM
Subject: [plug] IP Sentinel
Hello Guys,
I am trying to lock my network with IP Sentinel
(http://www.nongnu.org/ip-sentinel/).
however, the method it has is to identify the MAC of the offending
PC who tried
to use another IP that is not for them. Or have the specific MAC of
the offending PC
blocked
Is there another solution out there that will make sure that ONLY
authorized MAC will
participate in the Network. Non authorized PC/MAC will just get lost.
after reading how ipsentinel works.. i think you misunderstood how
ipsentinel really works...
ipsentinel works by setting up its mac-ip address pair table... ipsentinel
will try to poison the offender's arp table with non-existence or fake mac
address once it is detected the offender is not in its mac-ip address pair
table... thus the offender sends an ethernet frame to a destination mac
address that doesnt exist...
but this technique doesnt guarantee to work because a simple "arp static
entry" will circumvent ipsentinel's arp poisoning technique...
mac and ip address can be spoof therefore dont use it for any security
reasons... you need an authentication method to solve your problem... you
have two options... you either use layer 2 or layer 3 authentication methods
to gain access your network...
fooler.
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
plug@lists.linux.org.ph (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph