[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [despammed] Re: Visitor based netoworking

Wednesday, June 11, 2003, 5:53:59 AM, debian-isp@lists.debian.org (debian-isp) wrote:

Stefan> I took a look at nocat and it really seems to do almost the things 
Stefan> I'm looking for *g* Thank you.

Stefan> But I have a recommendation / question: Wouldn't it be possible to 
Stefan> also check the MAC of clients on the net? This way we could make IP-
Stefan> hijacking (as written in the nocat-whitepaper) a lot harder I think.

Stefan> Unfortunately I don't know if this is possible with something like 
Stefan> iptables - since mac-addresses work on a different (lower) layer.

I think iptables can, but it doesn't really matter.  MAC addresses are
not secure.  On most NICs they can simply be changed by the operating

| Eddie J Schwartz <EdMcMan@[despammed.com|m00.net]> |
|  AIM: Uncaring Eyes ICQ: 35576339 YHOO: edmcman2   |
|  "We Trills have an expression -- at forty, you    |
|  think you know everything. At four hundred you    |
|  realize you know nothing." - Dax, Startrek DS9    |

Reply to: