lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <1122212093.8332.7.camel@localhost.localdomain>
Date: Sun Jul 24 14:35:02 2005
From: khermansen at ht-technology.com (Kristian Hermansen)
Subject: Re: Snatching IP on LAN,
	how to DoS/block such machines?

On Thu, 2005-07-21 at 04:04 +0100, Niklas <maxxess@...il.com> wrote:
> How do you "shut down" such hijackers? Blocking MAC at router level is
> not an option since the real machine might be turned on later
> (unblocking, as well as blocking, involves net admin, thoose changes
> doesn't happen in real time, probably week time :))

At universities I have been to, we always needed to sign into a
preliminary device with our user/pass first.  Until the user is
authenticated, they remain on a VLAN which has limited access, or
possibly none -- redirecting everything to the auth site.  Upon auth,
however, the user is popped off the VLAN and onto the Uni network and
given a public IP.  This is also done at MIT and various other places.
It is the easiest way to authenticate your users from my perspective :-)

Additionally, if you are just worried about p2p traffic, check out
something like a PacketShaper from Packateer.  It is a layer7 filtering
device with a nice web admin tool that allows you to customize any
protocol's bandwidth usage (0 KB/s if you want).  So, that is something
else for you to check out...where do you work?
-- 
Kristian Hermansen <khermansen@...technology.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050724/bd46159d/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ