Quote:
Originally Posted by Notwerk
I really hate to tell you this when you're pushed for time, but MACs can be easily spoofed. So if a potential attacker gets a valid MAC address -which can be done by evesdropping or physical access to a client machine- s/he becomes a dangerous attacker.
http://www.cuyamaca.net/gainswor/security/002-MAC Spoof.pdf
On the other hand, if you want to allow traffic IN from the internet, MAC addresses won't work cause every router between the source and destination replaces the MAC address with its own.
|
Hi,
I know about MAC spoofing. Basically the architecture of the system will be such that after the firewall has let in through a trusted MAC the Windows 2003 server will password authenticate it. That part will be taken care by the Windows Server and Linux dosent have to do anything about it. I hope!!!
But since u tell me that MAC address filtering wont work..... I will have to rethink.
Also the Linux machine will have port scanners and the rest of all the security stuff that I can master in 2 days to prevent hacking into our local system.
There will be no information whatsover on the Firewall m/c, just firewall and scanners.
I hope this will work.
Regards