[f-nsp] mac address forging !
Niels Bakker
niels=foundry-nsp at bakker.net
Fri Nov 26 15:33:28 EST 2004
* mraptor at gmail.com (iVAN G) [Fri 26 Nov 2004, 15:36 CET]:
> I'm just reading the docs of the FastIron and saw there is
> MAC based Radius auth. So far so good, but how did u protect from MAC
> address forging ? If u have the following situation :
>
> FastIron <---> noname-switch <----> user
You don't. You could use port security to keep MACs locked to one
particular port but that doesn't protect users on the noname switch.
> In fact I want to achieve a secure way to assign IP address
> to the users and block any attempt from them to forge IP and/or MAC address.
use 802.1X
-- Niels.
--
More information about the foundry-nsp
mailing list