| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: kain at kain.org (Kain)
Subject: DCOM RPC exploit (dcom.c)
On Tue, Jul 29, 2003 at 10:33:47AM -0500, Schmehl, Paul L wrote:
> > > ... I'd be surprised if any organisation exists (outside of the
> > > military) that insists on knowing the MAC addresses of machines before
> > > they get connected to the network. (In our case we monitor MAC addresses
> > > instead as we can then spot network problems).
> > Bzzzzt -- wrong.
> >
> > Some small, medium and large corporates do this. Some .edus even do it.
I can verify that this is also the case at Southwest Missouri State University,
a small uni of 30,000 or so students (15000 or so full-time last time I
checked), from my time there as a student. One doesn't have to be .mil or have
a ludicrous budget to follow this practice. It makes good sense to know
exactly what is on your network.
In the case of SMSU, most network switches were per-port MAC-filtered to their
assigned address, managed through a central database with links to SNMP
management on the switches for controlling network access.
--
Bryon Roche
Professional {Developer,Linux/MS Consulting,Software Architect}
<kain@...n.org>
PGP Key Fingerprint: FE0D EC23 6464 726A CD54 48D3 04AD 86FE 6878 ABD5
Fortuna est caeca
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030729/603d27a0/attachment.bin
Powered by blists - more mailing lists