Date: Wed, 4 Feb 2004 12:36:07 -0500
From: "Derek Marcotte" <derek@cpainc.ca>
To: <ask@un.kiev.ua>
Cc: questions@freebsd.org
Subject: Re[2]: ARP poisonong. LIVE_MAC
Message-ID: <002b01c3eb45$5fff3f20$0301a8c0@office.cpainc.net>
In-Reply-To: <80491713566.20040126101403@un.kiev.ua>

You want to deny physical connectivity to the LAN, from a particular host, period.

You might try setting up a quasi-switch with bridge (kernel option see LINT), plug a whole bunch of network cards in, and downing the interfaces when they don't pay... It would be a full duplex, dual speed-hub, which is probably fine, anyways... You'd also need cross-over cables for all of the PCs because it's a HOST to HOST connection. I'd recommend the DLink DFE-570TX, but I don't know that they make it anymore... Intel makes some good multi-port adapters. Also a PCI bus is limited to pushing 1056 Mbps (32-bits * 33MHz), so you can really max out your system (potentially 200Mbps/adapter) quickly...

The best option would be to go with something that is designed for this sort of thing. A Cisco Catalyst (1900s and 2900s are pretty cheap these days) is. You can write a script that logs into the switch, and ups and downs the port when they don't pay, or their account is up to date.

Just a thought... A dedicated switch would probably be the best way to deal with this, since you are switching the traffic anyways.

Alternatively, you can mess with ports/net/nemesis to craft ARP packets, and so can the connected device, because they still have physical access to the LAN. Not to mention that they are still capable of denying service to other customers via the exact same method that you use, even though they are "disabled."

Cheers,
Derek
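An added example, not part of the original message: one way to compute what the port up/down script suggested above would send to the switch, changing only ports whose state disagrees with billing. The account schema, port naming pattern, sample data and the IOS-style `interface` / `shutdown` / `no shutdown` command set are assumptions; check them against the switch model in use.

```python
import re

# Assumed naming: FastEthernet0/1 .. 0/49. Anything else is rejected so a bad
# billing record can never smuggle extra commands into the switch session.
PORT_RE = re.compile(r"(?:FastEthernet|Fa)0/(?:[1-9]|[1-4][0-9])")


def plan_port_changes(accounts, port_state):
    """Return {port: [cli lines]} for ports whose state disagrees with billing.

    accounts:   list of {"customer", "port", "paid"} dicts (assumed schema)
    port_state: {port: "up" | "down"} administrative state read from the switch
    """
    plan, seen = {}, set()
    for acct in accounts:
        port = acct["port"]
        # fullmatch, not match with "$": "$" would accept a trailing newline.
        if not PORT_RE.fullmatch(port):
            raise ValueError(f"refusing unexpected port name: {port!r}")
        if port in seen:
            raise ValueError(f"port {port} assigned to more than one account")
        seen.add(port)
        want = "up" if acct["paid"] else "down"
        if port_state.get(port) == want:
            continue  # already in the desired state, send nothing
        plan[port] = [
            "configure terminal",
            f"interface {port}",
            "no shutdown" if want == "up" else "shutdown",
            "end",
        ]
    return plan


# Constructed sample data, not taken from the thread.
ACCOUNTS = [
    {"customer": "alice", "port": "FastEthernet0/1", "paid": True},
    {"customer": "bob", "port": "FastEthernet0/2", "paid": False},
    {"customer": "carol", "port": "FastEthernet0/3", "paid": True},
]
PORT_STATE = {"FastEthernet0/1": "up", "FastEthernet0/2": "up",
              "FastEthernet0/3": "down"}

if __name__ == "__main__":
    for port, lines in plan_port_changes(ACCOUNTS, PORT_STATE).items():
        print(f"--- {port}")
        print("\n".join(lines))
```

As the message points out, this only works because the switch removes the host from the LAN at the port; it does not depend on anything the disabled host chooses to send.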