Re: Duplicate MAC problems
- From: David Schwartz <davids@xxxxxxxxxxxxx>
- Date: Fri, 23 Nov 2007 16:50:28 -0800 (PST)
On Nov 23, 4:44 am, "pedro.fo...@xxxxxxxxx" <pedro.fo...@xxxxxxxxx>
wrote:
At wi-fi network (802.11a/b/g), users fake them MAC Address to a
authenticated MAC to bypass the security. If the legitimate computer
uses a bad designed TCP/IP stack (ie. Windows), this approach will
work completely, if it uses a good TCP/IP stack implementation that
respect the RFC 793 specification (ie. Linux), will not work. This is
because when a Windows host receive a packet that he is not expecting
he just drops the packet. A Linux machine will reset the connection.
Linux's approach is *way* better. Once you know that there is spoofing
going on and there is no security, shutting down the connection is
better than accepting the spoofed packets.
Sonny, is your ISP should use a 802.1x authentication method. It's the
best approach I know.
Some authentication, any authentication, will do. The problem is that
there is no authentication at all.
DS
.
- Follow-Ups:
- Re: Duplicate MAC problems
- From: pedro.forum@xxxxxxxxx
- Re: Duplicate MAC problems
- References:
- Duplicate MAC problems
- From: Sonny
- Re: Duplicate MAC problems
- From: david
- Re: Duplicate MAC problems
- From: pedro.forum@xxxxxxxxx
- Duplicate MAC problems
- Prev by Date: Re: Duplicate MAC problems
- Next by Date: parental controls for OLPC laptop?
- Previous by thread: Re: Duplicate MAC problems
- Next by thread: Re: Duplicate MAC problems
- Index(es):
Relevant Pages
|
