Re: [despammed] Re: Visitor based netoworking
Wednesday, June 11, 2003, 5:53:59 AM, debian-isp@lists.debian.org (debian-isp) wrote:
Stefan> I took a look at nocat and it really seems to do almost the things
Stefan> I'm looking for *g* Thank you.
Stefan> But I have a recommendation / question: Wouldn't it be possible to
Stefan> also check the MAC of clients on the net? This way we could make IP-
Stefan> hijacking (as written in the nocat-whitepaper) a lot harder I think.
Stefan> Unfortunately I don't know if this is possible with something like
Stefan> iptables - since mac-addresses work on a different (lower) layer.
I think iptables can, but it doesn't really matter. MAC addresses are
not secure. On most NICs they can simply be changed by the operating
system.
------------------------------------------------------
| Eddie J Schwartz <EdMcMan@[despammed.com|m00.net]> |
| AIM: Uncaring Eyes ICQ: 35576339 YHOO: edmcman2 |
| "We Trills have an expression -- at forty, you |
| think you know everything. At four hundred you |
| realize you know nothing." - Dax, Startrek DS9 |
------------------------------------------------------
Reply to: