Date: Wed, 24 May 2000 10:59:06 +0200 From: Olaf Hoyer <ohoyer@fbwi.fh-wilhelmshaven.de> To: Mike Silbersack <silby@silby.com> Cc: freebsd-net@FreeBSD.ORG Subject: Re: BPF vs. promiscuous mode Message-ID: <4.1.20000524105140.00a108d0@mail.rz.fh-wilhelmshaven.de> In-Reply-To: <Pine.BSF.4.21.0005240010160.19660-100000@achilles.silby.co m> References: <4.1.20000524033815.00a76340@mail.rz.fh-wilhelmshaven.de>
next in thread | previous in thread | raw e-mail | index | archive | help
>> Fact is, that there are run some jobs that check if on some network segment >> is some card present that is in promiscuous mode and /or has its MAC adress >> changed, seen independently from the assigned (via DHCP) IP adress. (Of >> course, you might assign your IP adress manually). >> Are there some programs/techniques that do that? > >I'm sure there are programs which can detect such changes, I think someone >mentioned arpwatch? Hi! Will have a look at that. > >> BSD or Linux, some program/trick/whatsoever that pretends(return to arp >> queries) a different MAC adress than stored on the ROM of the NIC. > >Changing the MAC address of a NIC is extremely simple, it's easily done >even in windows - don't single out students who run unix as troublemakers. Yes, thats what I meant. Extremely simple? Then you know something I don't know yet- examples/names of programs-drivers/URLs? >> We have (due to costs) one cenral switch running (3com, IIRC), with about >> of twelve hubs attached, which hold altogether about 235 connections. > >I guess the real issue is the question of if your network is configured in >such a way that a student box could take the IP of one of your boxes (dns >server, etc). If the only issue is students fooling with each other, I >wouldn't worry too much about it, personally. Though logging as you >mention above certainly can't hurt. Well, yes, thats the major issue, but as I also belong to that big group (some administration is done in the dorm internally) and my personal box also is hooked up to that LAN, so I have a vital personal interest. Because I have to work under Winblows frequently due to various reasons related to study topics and work I do (making some money on support etc.) I have some reasons to care... Real problem is the implemenatation style of that network, that each room where the puter is, is private, so only way to enforce some policy is to pull the user. Regards Olaf Hoyer -------- Olaf Hoyer www.nightfire.de mailto:Olaf.Hoyer@nightfire.de FreeBSD- Turning PC's into workstations ICQ:22838075 Liebe und Hass sind nicht blind, aber geblendet vom Feuer, dass sie selber mit sich tragen. (Nietzsche) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.20000524105140.00a108d0>