Corporate Reactions to Linux (fwd)

Greg Dickie greg at discreet.com
Wed Oct 13 23:56:23 GMT 1999 



I've dealt with Xylan. Unless they have changed, stay away!

Greg

---------------------------------------------------------------------
Greg Dickie
Just A Guy*
*from discreet (the logic is gone)
Montreal 
(514) 954-7171
greg at discreet.com


On Thu, 14 Oct 1999, Allen Reese wrote:

> Date: Thu, 14 Oct 1999 02:41:40 +1000
> From: Allen Reese <allen at driversoft.com>
> To: Multiple recipients of list SAMBA-NTDOM <samba-ntdom at samba.org>
> Subject: Re: Corporate Reactions to Linux (fwd)
> 
> There is a company called xylan working on network hubs, and switches that
> allow only certain mac address to connect to them and they encrypt the
> data between the port and the hub.  :)
> 
> well looks like htey are now http://www.ind.alcatel.com
> alcatel internetworking....  
> 
> Allen Reese
> Senior Software Engineer
> Driversoft, Inc.
> allen at driversoft.com
> 
> On Wed, 13 Oct 1999 ard at wau.mis.ah.nl wrote:
> 
> > On Wed, Oct 13, 1999 at 06:00:23AM +1000, tschweikle at FIDUCIA.de wrote:
> > > A better way I am aware of is monitoring mac addresses inside your
> > > LAN --- thus giving you the whole control about which computers
> > > are allowed to access your network, putting the burden on you to
> > > adapt every network hardware change and reconfigure your routers
> > > and switches (cause this only makes sense if you close any ports
> > > using unknown mac addresses).
> > > 
> > > But even this isn't waterproof: what about illegal computers using
> > > old and known network cards?
> > Well, it really does not matter what kind of cards you use. In my
> > experience of ethernet driver programming, the toughest quest, next
> > to getting documentation, is to obtain the MAC-address. MAC is purely
> > software.
> > As a matter of fact, plain redhat-linux has the MAC-address as one of
> > its interface configuration parameters, and I am relying on that to
> > get the proper IP address from the DHCP server of my cable-internet
> > provider. And for my ethernet driver: I did not succeed in obtaining
> > it from the EISA bios. So I documented to use
> > ifconfig <eth> hw ether xx:xx:xx:xx:xx:xx
> > before uping...
> > > > you can then either email / page the administrator or run
> > > > denial-of-service attacks against the offending server to take it down (a
> > > > drastic and not highly recommended course of action).
> > > If you do have token ring there would be a simple DoS: send it
> > > a "close adapter" command. Some ethernet adapters do have this
> > > command to.
> > When using windows NT, a small token-ring packet containing too
> > many entries (I thought the RIP packet containing more than 7 entries),
> > will crash an entire segment of NT based systems. And no tracing of
> > who did it...
> > 
> > I guess there is no security on ethernet based networks on which there
> > is no form of encryption used. The only save way is probably to use
> > encrypted communications between each computer, of course with strong
> > public/private key authentication.
> > 
>

More information about the samba-ntdom mailing list