Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 11 Jun 2012 15:18:18 -0700
From:      merlyn@stonehenge.com (Randal L. Schwartz)
To:        Bill Yuan <bycn82@gmail.com>
Cc:        Ian Smith <smithi@nimnet.asn.au>, "Brian W." <brian@brianwhalen.net>, freebsd-questions@freebsd.org
Subject:   Re: how to allow by MAC
Message-ID:  <863961ze51.fsf@red.stonehenge.com>
In-Reply-To: <CAC%2BJH2xcqcDR%2B1y6zwMQ-Jqy%2BzoB2MgnM%2Bb4Nz8AMc3P-gksHw@mail.gmail.com> (Bill Yuan's message of "Mon, 11 Jun 2012 11:39:56 %2B0800")
References:  <20120610120041.4D0F610657C3@hub.freebsd.org> <20120611025332.N46641@sola.nimnet.asn.au> <CAC%2BJH2w6B7fXu6tvcJ8t1FZbPb7pFQVbSwk93r-9JRYpFy2hcw@mail.gmail.com> <CADV=szWbNfW-MaKi5heamPNR3qz4xiY62ynm6BgK=huPEx=K_w@mail.gmail.com> <CAC%2BJH2xcqcDR%2B1y6zwMQ-Jqy%2BzoB2MgnM%2Bb4Nz8AMc3P-gksHw@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Bill" == Bill Yuan <bycn82@gmail.com> writes:
Bill> I want to create a white list MAC address,  Only the machine which it's MAC
Bill> in the white list will be allowed,  all others will be blocked.

Bad idea.  Since (a) every MAC address that *is* allowed is transmitted
in the clear and (b) it's trivial to spoof a MAC address.

This. is. no. security.

Please stop even trying.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>;
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.posterous.com/ for Smalltalk discussion



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?863961ze51.fsf>