Re: Blocking by MAC Address -
- From: "Miha Pihler [MVP]" <mihap-news@xxxxxxxxxxx>
- Date: Tue, 29 Nov 2005 17:27:11 +0100
Again, it is possible to change MAC address to just about anything in few
seconds. So don't tie your security to MAC addresses...
Any MAC address is only visible and viable inside the subnet. What if I
attack you from another subnet and you don't see my MAC? Only my IP address?
--
Mike
Microsoft MVP - Windows Security
"M. Eteum" <meteum@xxxxxxxxx> wrote in message
news:u0usEEG9FHA.736@xxxxxxxxxxxxxxxxxxxxxxx
> Miha Pihler [MVP] wrote:
>> Again an attacker could still bypass 802.1x with this configuration.
>>
>> Switch will only see one MAC. What is stopping an attacker to assign
>> himself same MAC as a valid computer? There are few other ways to fool
>> switch into allowing more then one MAC per port (even if configured
>> otherwise).
>>
>> This is very well described here under: "Why 802.1X on wired networks is
>> insufficient"
>> http://www.microsoft.com/technet/community/columns/secmgmt/sm0805.mspx
>>
>
> Perhaps using 802.1X in combination with CertServices will stop bogus MAC
> address.
.
- References:
- Blocking by MAC Address -
- From: aman11
- Re: Blocking by MAC Address -
- From: Miha Pihler [MVP]
- Re: Blocking by MAC Address -
- From: Miha Pihler [MVP]
- Re: Blocking by MAC Address -
- From: Miha Pihler [MVP]
- Re: Blocking by MAC Address -
- From: Miha Pihler [MVP]
- Re: Blocking by MAC Address -
- From: Antonio Cardoso
- Re: Blocking by MAC Address -
- From: Miha Pihler [MVP]
- Re: Blocking by MAC Address -
- From: M. Eteum
- Blocking by MAC Address -
- Prev by Date: Re: VPN two existing domains
- Next by Date: Re: 2 Domain
- Previous by thread: Re: Blocking by MAC Address -
- Next by thread: how to determine the dhcp servers within the network
- Index(es):
Relevant Pages
|
|
