Security Basics mailing list archives
Re: MAC address
From: Francisco Andrades <fandrades () nextj com>
Date: Fri, 17 Oct 2003 12:36:23 -0400
Hi,

There are several problems with this approach: If your server is behind a firewall (as it should be if it's open to the internet) it will always see the MAC address of the firewall (or router, gateway, proxy, etc). If you plan to use the application within your organization only, it will not work for people on other sub-nets. And you still have issues regarding MACs: ARP spoofing, how to access it from certain languages, etc.
There are security patterns that address session-related attacks. You should always try a proven concept first rather than creating a new technique.
Greetings

n30 wrote:
> Guys,
> Let's say I am a web programmer and I want to use strong sessions. Is it possible for the web server to determine the MAC of clients browsing the application? If yes, I can programmatically use this MAC address in sessions to prevent a lot of session-related attacks. For right now, say I can implement the web application in any language I want.
> Thanks
> -n
--
Francisco Andrades Grassi
www.nextj.com
Tlf: +58-414-125-7415
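Added example, not part of the original post: a sketch of what a Linux server can actually learn about a client's MAC, illustrating the firewall and sub-net points in the reply above. The ARP table text is constructed in the layout of `/proc/net/arp`; the addresses and the function names `parse_arp` and `mac_seen_for` are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the layout of Linux /proc/net/arp (addresses are made up).
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.1.20     0x1         0x2         00:aa:bb:cc:dd:ee     *        eth0
192.168.1.30     0x1         0x0         00:00:00:00:00:00     *        eth0
"""

def parse_arp(text):
    """Return {ip: mac} for complete entries (ATF_COM flag bit 0x2 set)."""
    table = {}
    for line in text.splitlines()[1:]:        # skip the column header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hw_type, flags, mac = fields[:4]
        if int(flags, 16) & 0x2:              # ignore incomplete entries
            table[ip] = mac.lower()
    return table

def mac_seen_for(client_ip, arp, local_net, gateway_ip):
    """MAC address the server's link layer carries for traffic from client_ip.

    On-link clients are resolved directly (the value is whatever the peer
    answered in ARP, which is not authenticated). Every other client arrives
    in frames sourced by the gateway, so only the gateway's MAC is visible.
    Returns (mac_or_None, "client" | "gateway").
    """
    addr = ipaddress.ip_address(client_ip)
    if addr in ipaddress.ip_network(local_net):
        return arp.get(client_ip), "client"
    return arp.get(gateway_ip), "gateway"

if __name__ == "__main__":
    arp = parse_arp(SAMPLE_ARP)
    # Two unrelated remote clients and one on-link client (constructed inputs).
    for ip in ("203.0.113.7", "198.51.100.9", "192.168.1.20"):
        print(ip, mac_seen_for(ip, arp, "192.168.1.0/24", "192.168.1.1"))
```

Both remote clients map to the same gateway MAC, so the value cannot distinguish one session from another.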