>
> I shall learn in future never to post to two lists with similar
> readerships on different issues simultaneously. Following my
> post on NANOG I've now been told by no less than 8 people that
> my cisco-nsp question is not the right way to go about solving
> DOS attacks. I agree completely. That wasn't what I was trying to
> do. FWIW here's what I want to do:
>
> > > We've run out of space in our colocation areas and people
> > > are thus buying our ethernet colocation service and finding their
> > > own space in the building. They can get (say) a Class C for
> > > virtual hosts. I want to stop them plugging in a gated box
> > > and running an etnire network behind it. IE what I want to
> > > make sure is that it only goes to addresses whose MAC addresses
> > > are immediately visible. This seemed like a nice way to do it.
> > > Yes, one joker has tried it.
>
> --
> Alex Bligh
> GX Networks (formerly Xara Networks)
The easiest way to do this is to select the proper media type
(switched hubs) with the ability to filter on MAC addresses.
When more than one MAC address shows up, shut down the port.
--bill
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:16 EDT