Re: Blocking by MAC Address -

---

• From: "Miha Pihler [MVP]" <mihap-news@xxxxxxxxxxx>
• Date: Thu, 24 Nov 2005 22:07:08 +0100

---

Hi,

Mitigating the Threats of Rogue Machines-802.1X or IPsec?
http://www.microsoft.com/technet/community/columns/secmgmt/sm0805.mspx

--
Mike
Microsoft MVP - Windows Security

"FabrizioV" <FabrizioV@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BC754371-C79E-49D7-8BDC-E2AECE125E31@xxxxxxxxxxxxxxxx
> Good morning.
>
> Best way would be to use 802.1X protocol.
>
> It requires, of course, switches supporting the protocol and a
> radius/certification authority (if you have Windows 2003 it is easy to set
> up
> a C.A. and radius).
> Then you put a digital certificate an all the recognized workstations.
>
> When a computer connects to a network switch, the switch verifies the
> computer certificate on the C.A. using radius.
> If the computer is without a valid certificate, the port of your switch
> will
> stay off, cutting out the rogues.
>
> This is the only "secure enough" metod I know and, most important, it is
> the
> only one giving you the chance to block a rogue BEFORE it gets an ip
> address
> of your network from DHCP.
>
> "Miha Pihler [MVP]" wrote:
>
>> Hi,
>>
>> I am not aware of any way on doing this on Windows out of the box. You
>> have
>> to know, that MAC can be changed in about 10 seconds on any computer. Now
>> all I have to do is assign myself MAC of your computer (since you have
>> access to everything)...
>> What are you trying to protect? There might be better way of doing what
>> you
>> want.
>>
>> --
>> Mike
>> Microsoft MVP - Windows Security
>>
>> "aman11" <sds510@xxxxxxxxx> wrote in message
>> news:1132773640.983256.182160@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>> >I am trying to block out mac addresses from rogue computers attaching
>> > to our network. I was thinking of setting up a reservation on our DHCP
>> > server with a bogus ip address (10.10.10.1) for each of the mac
>> > addresses of the computers that I want to lock out. Can anyone give me
>> > any insight on the best practices for blocking by mac address
>> >
>> > thanks
>> >
>>
>>
>>


.

---

• References:
  • Blocking by MAC Address -
    • From: aman11
  • Re: Blocking by MAC Address -
    • From: Miha Pihler [MVP]

• Prev by Date: Re: excessive login times while logging into windows 2000 AD DC
• Next by Date: Re: excessive login times while logging into windows 2000 AD DC
• Previous by thread: Re: Blocking by MAC Address -
• Next by thread: Re: Blocking by MAC Address -
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Mac viruses are easy to make... ... Infect a computer all by itself ... You can't write a virus in automator. ... "Mac vs. Windows Security: Mac Benefits Explained" ... (comp.sys.mac.advocacy) RE: rogue IP address ... Are you sure it is an end user and not a real ROGUE on your network? ... Be aware that you can spoof the MAC address. ... prospectus based upon the core principle concepts of security. ... (Security-Basics) Re: windows firewall alert ... Are you sure the message is from the Windows Security Center? ... Your system is infected with a rogue antivirus program. ... specialty forums below OR back up your data and do a clean install of ... how to do a clean install, you can take your machine to a local computer ... (microsoft.public.windowsxp.security_admin) Re: Vanilla Rogue for Mac? ... I like to play roguelikes, ... (It runs Mac OS 9, ... I have only been able to find two Mac ports of Rogue. ... port of such a classic. ... (rec.games.roguelike.misc) Re: Vanilla Rogue for Mac? ... (It runs Mac OS 9, ... comes to modern roguelikes such as NetHack and Angband, ... I have only been able to find two Mac ports of Rogue. ... port of such a classic. ... (rec.games.roguelike.misc)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)