[ale] OT: laptops on a network, security
dragon
dragon at pitr.tuxinternet.com
Wed May 28 22:28:40 EDT 2003
One other option is an Arp poisoning for non registered mac addresses.
IP Sentenel is one like that. i havent used it. but it looks like what your looking for.
http://software.freshmeat.net/projects/ip-sentinel/?topic_id=150
Drag0n
dragon at atlantacon.org
On Wed, May 28, 2003 at 09:48:16PM -0400, Bruce Griffis wrote:
> On Wednesday 28 May 2003 09:48 pm, J.M. Taylor wrote:
> > Hypothetical situation: you are a fair-to-middlin' sized university, and
> > people (students, faculty, staff, spouses, riff-raff) want to bring their
> > laptops in and plug in to your network. Your draconian laws prohibit this
> > but it's becoming increasingly obvious that people are doing it anyway,
> > and you can't hide from the issue forever.
> >
> > What do you do? Could something like RADIUS be used to authenticate
> > mobile users and only grant those with valid accounts an IP address? What
> > about people who just assign themselves an IP? How does one stop that?
> >
>
> Hmmmmm - I would set up a Kiosk area with desk space and a switch, and
> firewall it. I would also shut down all inactive switch ports on the inside
> network to disallow people from plugging in, grabbing an assigned IP address,
> firing up etherreal or whatever and having fun.
>
> Open (firewalled) areas in a school could be a firewalled section in the
> library, and maybe in an area students might get together to play LAN games.
> I might also consider firewalling a wireless segment for kicks and grins.
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list