From owner-freebsd-security  Tue Jul 29 13:08:09 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id NAA09654
          for security-outgoing; Tue, 29 Jul 1997 13:08:09 -0700 (PDT)
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA09618
          for <security@FreeBSD.ORG>; Tue, 29 Jul 1997 13:08:01 -0700 (PDT)
Received: (from wollman@localhost)
	by khavrinen.lcs.mit.edu (8.8.5/8.8.5) id QAA15592;
	Tue, 29 Jul 1997 16:07:57 -0400 (EDT)
Date: Tue, 29 Jul 1997 16:07:57 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Message-Id: <199707292007.QAA15592@khavrinen.lcs.mit.edu>
To: Christopher Petrilli <petrilli@amber.org>
Cc: Poul-Henning Kamp <phk@dk.tfs.com>, Warner Losh <imp@village.org>,
        Robert Watson <robert@cyrus.watson.org>, security@FreeBSD.ORG
Subject: Re: Detecting sniffers (was: Re: security hole in FreeBSD) 
In-Reply-To: <Pine.BSF.3.95q.970729154145.22895F-100000@chaos.amber.org>
References: <284.870203173@critter.dk.tfs.com>
	<Pine.BSF.3.95q.970729154145.22895F-100000@chaos.amber.org>
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

<<On Tue, 29 Jul 1997 15:43:21 -0400 (EDT), Christopher Petrilli <petrilli@amber.org> said:

> well, it does only allow a MAC to appear once, so you would realise this
> quite quickly.  But a switch is the same as well, unless you've hard
> coaded VLAN type information based on MAC addresses into the
> switch---which is unmaintainable.

But which some organizations do anyway, because it allows them to
force their users to get permission to install any new machine.

-GAWollman

--
Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
wollman@lcs.mit.edu  | O Siem / The fires of freedom 
Opinions not those of| Dance in the burning flame
MIT, LCS, CRS, or NSA|                     - Susan Aglukark and Chad Irschick