Security Basics mailing list archives

Re: MAC level authentication or filtering

From: Jerry Eblin <Jerry.Eblin () rrsc com>
Date: Fri, 8 Oct 2004 09:21:12 -0400






Dave,

      Depending on the types of switches you use at your location, it is
possible to set up MAC filtering on them. Intel, Cisco, Netgear, etc all
make switches that are capable of doing MAC filtering. As for being alerted
when something like this happens, you would have to investigate the
specific switch/vendor to see if they offer alert capabilities.

Jerry




                                                                           
             "David Nardoni"                                               
             <dnardoni@firstre                                             
             sponseconsulting.                                          To 
             com>                      <security-basics () securityfocus com> 
                                                                        cc 
             10/07/2004 12:53                                              
             PM                                                    Subject 
                                       MAC level authentication or         
                                       filtering                           
             Please respond to                                             
             <dnardoni@firstre                                             
             sponseconsulting.                                             
                   com>                                                    
                                                                           
                                                                           




I need a solution that will allow me to prevent a user from coming in to my
office and plugging in a laptop and gaining access to the network.

I have users that are currently using thin clients to connect to the main
server to do all their processing.  If a legitimate user turns bad and
decides to bring in a system (laptop) from home and connect it to the
network and proceed to use their proper username and password to gather
information from terminal services, I want to be able to recognize that
they
have plugged in an unauthorized system and keep them from gaining access to
the network.

I welcome all ideas no matter what vendor solution or no matter how simple
or complex.  If you need more info on the situation let me know.


Dave Nardoni CISSP
First Response Consulting Services, Inc.
dnardoni () firstresponseconsulting com

Current thread:

MAC level authentication or filtering David Nardoni (Oct 07)
- Re: MAC level authentication or filtering Ajay (Oct 08)
  - Re: MAC level authentication or filtering Jon Lawhead (Oct 08)
    - Re: MAC level authentication or filtering Ajay (Oct 12)
- RE: MAC level authentication or filtering Kurt (Oct 08)
  - RE: MAC level authentication or filtering Jay Archibald (Oct 08)
- Re: MAC level authentication or filtering GuidoZ (Oct 08)
- Re: MAC level authentication or filtering Josh Mills (Oct 08)
- Re: MAC level authentication or filtering Jerry Eblin (Oct 08)
- <Possible follow-ups>
- RE: MAC level authentication or filtering Paris E. Stone (Oct 08)
- Fw: MAC level authentication or filtering GUs (Oct 08)
- RE: MAC level authentication or filtering Roy Sgan-Cohen (Oct 08)
- RE: MAC level authentication or filtering Mike (Oct 08)
- FW: MAC level authentication or filtering David Nardoni (Oct 08)
- RE: MAC level authentication or filtering Roy Sgan-Cohen (Oct 08)
- RE: MAC level authentication or filtering Jay Archibald (Oct 12)