Security Basics: RE: MAC level authentication or filtering

["Mike" <mike () superiorholidayadventures ca>]

You could use a bridging linux firewall to only allow traffic to and
from specific macs.  Be aware that this has overhead, how much depends
on the amount of workstations you have.  Also, crafty users can spoof
their mac's.

You could also use a non-bridging linux firewall to allow traffic only
from specific mac *and* ip combinations.

This is not completely foolproof, but it should do the job.

Mike Fetherston

> -----Original Message-----
> From: David Nardoni [mailto:dnardoni () firstresponseconsulting com]
> Sent: Thursday, October 07, 2004 12:54 PM
> To: security-basics () securityfocus com
> Subject: MAC level authentication or filtering
>
> I need a solution that will allow me to prevent a user from coming in
to
> my
> office and plugging in a laptop and gaining access to the network.
>
> I have users that are currently using thin clients to connect to the
main
> server to do all their processing.  If a legitimate user turns bad and
> decides to bring in a system (laptop) from home and connect it to the
> network and proceed to use their proper username and password to
gather
> information from terminal services, I want to be able to recognize
that
> they
> have plugged in an unauthorized system and keep them from gaining
access
> to
> the network.
>
> I welcome all ideas no matter what vendor solution or no matter how
simple
> or complex.  If you need more info on the situation let me know.
>
>
> Dave Nardoni CISSP
> First Response Consulting Services, Inc.
> dnardoni () firstresponseconsulting com