Corporate Reactions to Linux (fwd)

[ard at wau.mis.ah.nl]

On Wed, Oct 13, 1999 at 06:00:23AM +1000, tschweikle at FIDUCIA.de wrote:
> A better way I am aware of is monitoring mac addresses inside your
> LAN --- thus giving you the whole control about which computers
> are allowed to access your network, putting the burden on you to
> adapt every network hardware change and reconfigure your routers
> and switches (cause this only makes sense if you close any ports
> using unknown mac addresses).
> 
> But even this isn't waterproof: what about illegal computers using
> old and known network cards?
Well, it really does not matter what kind of cards you use. In my
experience of ethernet driver programming, the toughest quest, next
to getting documentation, is to obtain the MAC-address. MAC is purely
software.
As a matter of fact, plain redhat-linux has the MAC-address as one of
its interface configuration parameters, and I am relying on that to
get the proper IP address from the DHCP server of my cable-internet
provider. And for my ethernet driver: I did not succeed in obtaining
it from the EISA bios. So I documented to use
ifconfig <eth> hw ether xx:xx:xx:xx:xx:xx
before uping...
> > you can then either email / page the administrator or run
> > denial-of-service attacks against the offending server to take it down (a
> > drastic and not highly recommended course of action).
> If you do have token ring there would be a simple DoS: send it
> a "close adapter" command. Some ethernet adapters do have this
> command to.
When using windows NT, a small token-ring packet containing too
many entries (I thought the RIP packet containing more than 7 entries),
will crash an entire segment of NT based systems. And no tracing of
who did it...

I guess there is no security on ethernet based networks on which there
is no form of encryption used. The only save way is probably to use
encrypted communications between each computer, of course with strong
public/private key authentication.