lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050723173522.GB17671@jschipper.dynalias.net> Date: Sat Jul 23 18:35:29 2005 From: j.schipper at math.uu.nl (Joachim Schipper) Subject: Snatching IP on LAN, how to DoS/block such machines? On Wed, Jul 20, 2005 at 11:27:17PM +0200, Niklas wrote: > Oh forgot to mention this is a univeristy, open around the clock, with > thousands of users with physical access to whatever. > > But I thank you kindly, Marc No Mad. You really helped out on the subject. :p > > Addon: I don't have access to the DHCP, or any other central > services. So we're back the "how do i DoS my clients" on my subnet, > based on ip/MAC? > > No 802.1x available here .... probably won't be in 2005.... > > /n There's always the option, though it may be a little more complex than you intended, of using something like Snort+FlexResp. Load up the p2p rulesets, modify them to shut down any offending connections. It won't exactly DoS them, but people will need to do a lot better than just fire up Kazaa. Of course, good attackers may try all sorts of sneaky tricks - who are you trying to keep out? The casual p2p user, or a determined hacker with physical access? The latter is quite difficult. ;-) (Disclaimer: I've never tried FlexResp...) Joachim
Powered by blists - more mailing lists