Great Circle Associates Firewalls
(November 1994)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: MAC addresses
From: hcb @ clark . net
Date: Wed, 2 Nov 94 17:06:30 -0500
To: padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)
Cc: "firewalls @ greatcircle . com"@uvs1.dnet.mmc.com

> > and spoofing an address on the net.
> > 
> 
> Since it is relatively easy to change a MAC address (am less ignorant now 8*),
> it appears that the possibility of two nodes with the same address on coax 
> is possible. With twisted pair there is another possibility if you have an
> intelligent hub that can be set to only accept packets from a particular
> MAC on a particular line. I believe 3Com and HP both are marketing hubs
> with this capability.
> 					Warmly,
> 						Padgett
> 
Cisco routers, in their bridge filter more, also can select 
only a specific MAC address or range of addresses.

There really is a broader issue here.  In the IPng autoconfiguration
list, there is  at least some sentiment (that I agree with, and
I think is growing), that MAC addresses should not be changeable.

>From the security standpoint, what is the feeling that it may 
be desirable to be able to order variants of drivers that have
the local configuration of MAC address disabled?  I certainly 
lean that way.

DECnet networks MUST at present modify MAC addresses, and Novell
and Banyan routers MAY modify them.  These certainly are areas of 
concern.



Follow-Ups:
Indexed By Date Previous: MAC spoofing by non-IP protocols
From: Howard Berkowitz <hcb @ clark . net>
Next: Bastion host on Sun Sparc Solaris 2.x
From: George Armhold <armhold @ phoenix . xpedite . com>
Indexed By Thread Previous: Hubs and address spoofing (was Re: MAC addresses)
From: lavondes @ tidtest . total . fr (Michel Lavondes)
Next: Re: MAC addresses
From: "John N. Benson" <t3300 @ cis1 . nfuel . com>

Google
 
Search Internet Search www.greatcircle.com