DHCP security
Steven Stern
subscribed-lists at sterndata.com
Wed Oct 10 00:20:00 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/09/2007 07:20 PM, Alan Cox wrote:
>> I've been on university systems that use a hotel-like system. On the
>> first connection on port 80 to any address, one is directed to an
>> authentication page. All access is blocked to any address on all ports
>> until that authentication is given.
>
> Which means an attacker simply sits on the network waits for someone to
> authenticate and then takes on their MAC address.
>
> Alan
>
I suppose on a wired system, you could map each MAC address to a port on
a switch and require re-authentication if the port changes. It gets
trickier if this is done on wireless.
- --
Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFHDBqweERILVgMyvARAosRAJoDZgCCPOFeEoRqJEhASR6GvCwNaQCeNBxJ
CMdxvK43BsS6Kgd6NykM9kc=
=A1TL
-----END PGP SIGNATURE-----
More information about the users
mailing list