Home page logo

basics logo Security Basics mailing list archives

Re: IP to MAC mapping
From: "Robert Hogan" <hoganr () raha com>
Date: Thu, 26 Dec 2002 10:19:46 +0300

We developed what you're looking for here. It is an iptables script that
uses a csv file passed from our billing system(rodopi) to accept/reject
customers on the basis of their mac address...


Robert Hogan
Systems Administrator
Web: http://www.raha.com
Email: hoganr () raha com
Tel: +255 +22 2119513/4/5
----- Original Message -----
From: "Devdas Bhagat" <dvb () users sourceforge net>
To: "Johan Denoyer" <jdenoy () digital-connexion info>
Cc: <security-basics () securityfocus com>
Sent: Friday, November 22, 2002 9:33 PM
Subject: Re: IP to MAC mapping

On 20/11/02 18:49 +0100, Johan Denoyer wrote:

we are currently looking into illegal usage of a protected network. We
managing a class C network, and we would like to be able to detect
usage of the network by finding the MAC address of the ip address used
then checking it against a database.
This is a bad idea. Use the generic concept of a firewall and allow only
selected MAC addresses to be active on the network.
You could script up some iptables rules for these, and a rule to DROP
and LOG all other MAC addresses. The ruleset can be built automatically
from a database.

Devdas Bhagat

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]