On 2014-11-28, thev...@openmailbox.org thev...@openmailbox.org wrote:
If say machine 192.168.0.2 and 192.168.0.3 needs unrestricted access to
the net, then wont it be as easy as Joe changing his machines IP
address to 192.168.0.2 to gain access without authentication?
theoretically this is
On Fri, Nov 28, 2014 at 03:27:38PM +0100, Martin Hanson wrote:
theoretically this is possible, but only if the original machine holding
the ip was down. just as a nameserver converts to an ip, the ip is converted
to a MAC-address, which is associated with the NIC. if you want you can
On 2014-11-28, Martin Hanson greencopperm...@yandex.com wrote:
How does one secure against MAC/IP spoofing? Is there a way to prevent this.
1. You separate the traffic so that potential attackers cannot access
this network segment.
a. Physically: Run a wire.
b. Logically: Use a
On Fri, Nov 28, 2014 at 03:27:38PM +0100, Martin Hanson wrote:
First I would scan the network for MACs and matching IPs, then I would
spoof one at a time until I am out.
Don't forget about the differentiation between authpf and
authpf-noip. The latter can make things interesting for some use
theoretically this is possible, but only if the original machine holding
the ip was down. just as a nameserver converts to an ip, the ip is converted
to a MAC-address, which is associated with the NIC. if you want you can
permantly associate an ip with a mac, that way another machine cannot
On 2014-11-28, Christian Weisgerber na...@mips.inka.de wrote:
On 2014-11-28, Martin Hanson greencopperm...@yandex.com wrote:
How does one secure against MAC/IP spoofing? Is there a way to prevent this.
1. You separate the traffic so that potential attackers cannot access
this network
On Thu, Nov 27, 2014 at 05:09:02PM +0100, Martin Hanson wrote:
Hi
So I am looking into authpf and I am wondering about some real world
applications.
I have a bunch of users, but I also have just a bunch of machines.
The machines cannot login via SSH and should not try to do so (via some
Hi
So I am looking into authpf and I am wondering about some real world
applications.
I have a bunch of users, but I also have just a bunch of machines.
The machines cannot login via SSH and should not try to do so (via some
script or otherwise). However, these machines needs access 24/7.
So I
Here is a case where you trust the machines, but do not trust Joe.
Commonly, trusted servers are deployed on network segments that are
separate from untrusted users - via Ethernet segments or VLANs. It
is also possible to use VPNs to provide functional separation of
servers from users,
On Thu, 27 Nov 2014 17:09:02 +0100 Martin Hanson greencopperm...@yandex.com
wrote:
Hi
So I am looking into authpf and I am wondering about some real world
applications.
I have a bunch of users, but I also have just a bunch of machines.
The machines cannot login via SSH and should not
On 27.11.2014 17:09, Martin Hanson wrote:
Hi
So I am looking into authpf and I am wondering about some real world
applications.
I have a bunch of users, but I also have just a bunch of machines.
The machines cannot login via SSH and should not try to do so (via
some
script or otherwise).
11 matches
Mail list logo