On Fri, Mar 16, 2001 at 09:24:56PM +0100, Marc Haber wrote: > On Fri, 16 Mar 101 12:28:54 -0500 (EST), Allen Ahoffman > <[EMAIL PROTECTED]> wrote: > >can someone tell me how to secure a network so that: > >the router won't route traffic if the specific mac address isn't > >registered before hand? > > Kernel 2.4 netfilter can make routing decisions depending on the MAC > address. > > Please be aware, though, that the MAC address is trivial to forge > nowadays. Hmm, how does a switch deal with the same mac address coming from two ports at the same time?
Does that mean that we've lost the added security from ethernet switches? I can see that if a switch was fooled into sending traffic to two ports that could be a security problem, if security depends on the switching function. Mike
