Date: Wed, 08 Sep 1999 01:29:29 -0700 From: dmp@aracnet.com To: The Mad Scientist <madscientist@thegrid.net> Cc: ks@itp.ac.ru, freebsd-security@FreeBSD.ORG Subject: Re: Layer 2 ethernet encryption? Message-ID: <37D61E69.58B806DF@aracnet.com> References: <XFMail.990907105629.ks@osi.ru> <4.1.19990907190442.0096ada0@mail.thegrid.net>
next in thread | previous in thread | raw e-mail | index | archive | help
The Mad Scientist wrote: <snip> > I do not claim to understand driver writing, but what about ripping out > the code that puts the NIC into promiscous mode? I'm not a software hacker, so I couldn't tell you if that would work, but disabling that part of the driver might not be such a good idea. > You would have to modify > the code that allows the driver to change its MAC address, probably. But > if you have good network monitors, you should be able to detect a machine > that is pretending to be someone else pretty quickly. It's not encryption, > but if you're blind, you can't read the written word. It doesn't solve > your EM problems either. If a NIC changed it's MAC, it would loose connectivity. > 'Course, I guess any user with half a brain could go out and get the > original driver and put it in place -- this being an open source solution. > So, I guess it's not such a good idea after all. Integrity checks withstanding, such a modification would prevent the machine from connecting to the network. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37D61E69.58B806DF>