Re: MAC address

[aladin168 <aladin168 () hotmail com>]

In-Reply-To: <00a501c3956f$ab675410$1400a8c0@sylvesta>

In addition, not likely, but obviously do-able, people can change (spoof) MAC addresses on the fly.  MAC address may 
not be the best method to use for security reasons.

For example, SMAC is a MAC Address modifying utility for XP, 2000, and 2003.  http://www.klcconsulting.net/smac

/

> Received: (qmail 19646 invoked from network); 20 Oct 2003 15:02:01 -0000
> Received: from outgoing2.securityfocus.com (205.206.231.26)
>  by mail.securityfocus.com with SMTP; 20 Oct 2003 15:02:01 -0000
> Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])
>       by outgoing2.securityfocus.com (Postfix) with QMQP
>       id 8C7948F306; Mon, 20 Oct 2003 03:08:35 -0600 (MDT)
> Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm
> Precedence: bulk
> List-Id: <security-basics.list-id.securityfocus.com>
> List-Post: <mailto:security-basics () securityfocus com>
> List-Help: <mailto:security-basics-help () securityfocus com>
> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com>
> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com>
> Delivered-To: mailing list security-basics () securityfocus com
> Delivered-To: moderator for security-basics () securityfocus com
> Received: (qmail 3071 invoked from network); 18 Oct 2003 05:55:51 -0000
> Message-ID: <00a501c3956f$ab675410$1400a8c0@sylvesta>
> From: "Tim Syratt" <tim () syratt com>
> To: "Jorge Coll" <jcoll () commonx com>, "n30" <n30_lists () hotmail com>
> Cc: <security-basics () securityfocus com>
> References: <7A5010D9C29D7C469AEDAF562649713507E75F () jc commonx com>
> Subject: Re: MAC address
> Date: Sat, 18 Oct 2003 22:02:13 +1000
> MIME-Version: 1.0
> Content-Type: text/plain;
>       charset="iso-8859-1"
> Content-Transfer-Encoding: 7bit
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2800.1158
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
>
>
> Correct on all accounts.. and you must also consider cache engines as well.
> .You could easily 'turn off' entire parts of ISPs because of one attacker,
> and that could in turn be used as a form of DoS by attacking your site from
> multiple locations using trojans.
>
> Regs,
> Tim.
>
> ----- Original Message ----- 
> From: "Jorge Coll" <jcoll () commonx com>
> To: "n30" <n30_lists () hotmail com>
> Cc: <security-basics () securityfocus com>
> Sent: Saturday, October 18, 2003 4:30 AM
> Subject: RE: MAC address
>
>
> > No.  Not unless you're on the same local subnet.  MAC addresses are a
> > part of Layer 2 (Data Link).  Once you are past the first router, L2
> > information is dropped.  Layer 3 (IP) is what is used for routing
> > packets around.
> >
> > - jc
> >
> > -----Original Message-----
> > From: n30 [mailto:n30_lists () hotmail com]
> > Sent: Friday, October 17, 2003 10:49 AM
> > To: security-basics () securityfocus com
> > Subject: MAC address
> >
> > Guys,
> >
> > Lets say i am a web programmer and i want to use strong sessions.
> >
> > Is it possible for the web server to determine the MAC of clients
> > browsing
> > the application.
> >
> > If yes, I can programatically use this MAC address in sessions to
> > prevent
> > lot of session related attacks.
> >
> > For right now, say I can implement the web application in any language i
> > want.
> >
> > Thanks
> > -n
> >
> > ------------------------------------------------------------------------
> > ---
> > FREE Whitepaper: Better Management for Network Security
> >
> > Looking for a better way to manage your IP security?
> > Learn how Solsoft can help you:
> > - Ensure robust IP security through policy-based management
> > - Make firewall, VPN, and NAT rules interoperable across heterogeneous
> > networks
> > - Quickly respond to network events from a central console
> >
> > Download our FREE whitepaper at:
> > http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
> > ------------------------------------------------------------------------
> > ----
> >
> >
> > --------------------------------------------------------------------------
> -
> > FREE Whitepaper: Better Management for Network Security
> >
> > Looking for a better way to manage your IP security?
> > Learn how Solsoft can help you:
> > - Ensure robust IP security through policy-based management
> > - Make firewall, VPN, and NAT rules interoperable across heterogeneous
> > networks
> > - Quickly respond to network events from a central console
> >
> > Download our FREE whitepaper at:
> > http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
> > --------------------------------------------------------------------------
> --
> >
>
>
> ---------------------------------------------------------------------------
> FREE Whitepaper: Better Management for Network Security
>
> Looking for a better way to manage your IP security?
> Learn how Solsoft can help you:
> - Ensure robust IP security through policy-based management
> - Make firewall, VPN, and NAT rules interoperable across heterogeneous
> networks
> - Quickly respond to network events from a central console
>
> Download our FREE whitepaper at:
> http://www.securityfocus.com/sponsor/Solsoft_security-basics_031015
> ----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------