[Full-disclosure] Re: Snatching IP on LAN, how to DoS/block such machines?
khermansen at ht-technology.com
Sun Jul 24 14:34:53 BST 2005
On Thu, 2005-07-21 at 04:04 +0100, Niklas <maxxess at gmail.com> wrote:
> How do you "shut down" such hijackers? Blocking MAC at router level is
> not an option since the real machine might be turned on later
> (unblocking, as well as blocking, involves net admin, thoose changes
> doesn't happen in real time, probably week time :))
At universities I have been to, we always needed to sign into a
preliminary device with our user/pass first. Until the user is
authenticated, they remain on a VLAN which has limited access, or
possibly none -- redirecting everything to the auth site. Upon auth,
however, the user is popped off the VLAN and onto the Uni network and
given a public IP. This is also done at MIT and various other places.
It is the easiest way to authenticate your users from my perspective :-)
Additionally, if you are just worried about p2p traffic, check out
something like a PacketShaper from Packateer. It is a layer7 filtering
device with a nice web admin tool that allows you to customize any
protocol's bandwidth usage (0 KB/s if you want). So, that is something
else for you to check out...where do you work?
Kristian Hermansen <khermansen at ht-technology.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050724/bd46159d/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.