On 20/11/02 18:49 +0100, Johan Denoyer wrote: > Hi, > > we are currently looking into illegal usage of a protected network. We are > managing a class C network, and we would like to be able to detect illegal > usage of the network by finding the MAC address of the ip address used and > then checking it against a database. This is a bad idea. Use the generic concept of a firewall and allow only selected MAC addresses to be active on the network. You could script up some iptables rules for these, and a rule to DROP and LOG all other MAC addresses. The ruleset can be built automatically from a database.
Devdas Bhagat
