Home page logo
/

basics logo Security Basics mailing list archives

Re: MAC address
From: aladin168 <aladin168 () hotmail com>
Date: 18 Nov 2003 21:59:57 -0000

In-Reply-To: <00a501c3956f$ab675410$1400a8c0 () sylvesta>

In addition, not likely, but obviously do-able, people can change (spoof) MAC addresses on the fly.  MAC address may 
not be the best method to use for security reasons.

For example, SMAC is a MAC Address modifying utility for XP, 2000, and 2003.  http://www.klcconsulting.net/smac

/

Received: (qmail 19646 invoked from network); 20 Oct 2003 15:02:01 -0000
Received: from outgoing2.securityfocus.com (205.206.231.26)
 by mail.securityfocus.com with SMTP; 20 Oct 2003 15:02:01 -0000
Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])
      by outgoing2.securityfocus.com (Postfix) with QMQP
      id 8C7948F306; Mon, 20 Oct 2003 03:08:35 -0600 (MDT)
Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm
Precedence: bulk
List-Id: <security-basics.list-id.securityfocus.com>
List-Post: <mailto:security-basics () securityfocus com>
List-Help: <mailto:security-basics-help () securityfocus com>
List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com>
List-Subscribe: <mailto:security-basics-subscribe () securityfocus com>
Delivered-To: mailing list security-basics () securityfocus com
Delivered-To: moderator for security-basics () securityfocus com
Received: (qmail 3071 invoked from network); 18 Oct 2003 05:55:51 -0000
Message-ID: <00a501c3956f$ab675410$1400a8c0 () sylvesta>
From: "Tim Syratt" <tim () syratt com>
To: "Jorge Coll" <jcoll () commonx com>, "n30" <n30_lists () hotmail com>
Cc: <security-basics () securityfocus com>
References: <7A5010D9C29D7C469AEDAF562649713507E75F () jc commonx com>
Subject: Re: MAC address
Date: Sat, 18 Oct 2003 22:02:13 +1000
MIME-Version: 1.0
Content-Type: text/plain;
      charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165


Correct on all accounts.. and you must also consider cache engines as well.
.You could easily 'turn off' entire parts of ISPs because of one attacker,
and that could in turn be used as a form of DoS by attacking your site from
multiple locations using trojans.

Regs,
Tim.

----- Original Message ----- 
From: "Jorge Coll" <jcoll () commonx com>
To: "n30" <n30_lists () hotmail com>
Cc: <security-basics () securityfocus com>
Sent: Saturday, October 18, 2003 4:30 AM
Subject: RE: MAC address


No.  Not unless you're on the same local subnet.  MAC addresses are a
part of Layer 2 (Data Link).  Once you are past the first router, L2
information is dropped.  Layer 3 (IP) is what is used for routing
packets around.

- jc

-----Original Message-----
From: n30 [mailto:n30_lists () hotmail com]
Sent: Friday, October 17, 2003 10:49 AM
To: security-basics () securityfocus com
Subject: MAC address

Guys,

Lets say i am a web programmer and i want to use strong sessions.

Is it possible for the web server to determine the MAC of clients
browsing
the application.

If yes, I can programatically use this MAC address in sessions to
prevent
lot of session related attacks.

For right now, say I can implement the web application in any language i
want.

Thanks
-n

------------------------------------------------------------------------
---
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
------------------------------------------------------------------------
----


--------------------------------------------------------------------------
-
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
--------------------------------------------------------------------------
--




---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console

Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
----------------------------------------------------------------------------



---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • Re: MAC address aladin168 (Nov 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]