On 10/18/2011 08:42 AM, Tim wrote:
> On Mon, 2011-10-17 at 10:32 +0200, Reindl Harald wrote:
>> your understanding of security is simply broken
> No, yours is, if you believe that something that has no ability to
> provide any security, can actually do so.
>
> It's been a MYTH for quite some time t
On 10/18/2011 05:55 AM, Tim wrote:
> But taking steps that actually*are* security steps, do make a
> difference. Fooling around with dumb things that aren't security steps
> do not help.
Of course. I told them to be sure they had a firewall and anti-virus as
well because being a "moving target
On Mon, 2011-10-17 at 13:16 -0700, Joe Zeff wrote:
> Back when I did tech support for an ISP, I used to tell callers that
> having a dynamic IP address made their computer more secure,
> especially on dial-up. Why? Well, even if somebody managed to get
> into their computer they'd never be able to
On Mon, 2011-10-17 at 10:32 +0200, Reindl Harald wrote:
> your understanding of security is simply broken
No, yours is, if you believe that something that has no ability to
provide any security, can actually do so.
It's been a MYTH for quite some time that MAC filtering protects your
network. It
On 10/17/2011 01:32 AM, Reindl Harald wrote:
> if you have 5 easy to break security barriers in front you make it
> real hard for most people without enough knowledge of all these
> barrieres to break them all - nobody said these are the only
> preventions - these are ADDITIONAL ONES
Exactly. Bac
Am 17.10.2011 10:22, schrieb Tim:
> Tim:
>>> Well, in the case of MAC filtering, it's nothing to do with
>>> "security." It's merely closing an unlocked door in someone's face.
>
> Alan Cox
>> No.. security is not a boolean. MAC filtering is very useful for
>> stopping inadvertent plugging in of
O> > It's not a tool to prevent deliberate attack by users, and its not
> > 100% effective against a very careful attacker but tht doesn't make it
> > nothing to do with security.
>
> I'd say the fact that it *cannot* be used to "secure" a system, means
> that it does have nothing to do with secur
Tim:
>> Well, in the case of MAC filtering, it's nothing to do with
>> "security." It's merely closing an unlocked door in someone's face.
Alan Cox
> No.. security is not a boolean. MAC filtering is very useful for
> stopping inadvertent plugging in of the wrong system. It helps prevent
> accident
On Sat, 2011-10-15 at 09:02 -0700, Paul Allen Newell wrote:
> .
>
> In your usage, is it through the router(s) that you enforce wired MAC
> access?
No, it's through the DHCP server. Only known MAC addresses can obtain
an IP address.
Yes, it is true that anyone can configure a machine manually,
On Sat, Oct 15, 2011 at 12:48:05 -0700,
Craig White wrote:
> sure - buy a layer 3 managed switch (an unlikely candidate for home
> implementations)
You can implement mac address filtering on consumer gear if you are willing to
reflash it to use something like openwrt.
--
users mailing list
us
> Well, in the case of MAC filtering, it's nothing to do with "security."
> It's merely closing an unlocked door in someone's face.
No.. security is not a boolean. MAC filtering is very useful for stopping
inadvertent plugging in of the wrong system. It helps prevent accidents
and unsafe systems b
On 10/15/2011 12:48 PM, Craig White wrote:
>
> sure - buy a layer 3 managed switch (an unlikely candidate for home
> implementations)
>
Craig:
Thanks, I was just curious why it was only wireless and not both
wireless and wired. Understand the "limitations" of MAC addresses ... as
I mentioned ea
On Sat, 2011-10-15 at 09:02 -0700, Paul Allen Newell wrote:
> On 10/15/2011 08:14 AM, Greg Woods wrote:
> > On Sat, 2011-10-15 at 21:41 +1030, Tim wrote:
> >
> >> MAC filtering is utterly pointless.
> > We use it on *wired* networks, primarily to prevent visitors whose
> > laptops have not been pro
On Sat, 2011-10-15 at 09:14 -0600, Greg Woods wrote:
> We use it on *wired* networks, primarily to prevent visitors whose
> laptops have not been properly vetted (and may be crawling with
> malware) from connecting to our internal network. It is not expected
> to keep out serious bad guys. Like mos
On 10/15/2011 08:14 AM, Greg Woods wrote:
> On Sat, 2011-10-15 at 21:41 +1030, Tim wrote:
>
>> MAC filtering is utterly pointless.
> We use it on *wired* networks, primarily to prevent visitors whose
> laptops have not been properly vetted (and may be crawling with malware)
> from connecting to our
On 10/15/2011 04:11 AM, Tim wrote:
> On Fri, 2011-10-14 at 18:06 -0700, Paul Allen Newell wrote:
>> All I have to do is convince them to do MAC access filter list and
>> I'll be happy.
> MAC filtering is utterly pointless. [...]
Tim:
Thanks for the comments. I have let my niece and roommates know
On Sat, 2011-10-15 at 21:41 +1030, Tim wrote:
> MAC filtering is utterly pointless.
We use it on *wired* networks, primarily to prevent visitors whose
laptops have not been properly vetted (and may be crawling with malware)
from connecting to our internal network. It is not expected to keep out
On Fri, 2011-10-14 at 18:06 -0700, Paul Allen Newell wrote:
> All I have to do is convince them to do MAC access filter list and
> I'll be happy.
MAC filtering is utterly pointless. It *cannot* stop someone who wants
to connect, it's completely impossible, because they can easily change
their MAC
Dave:
inline comments
On 10/14/2011 06:29 PM, Dave Ihnat wrote:
>
>> The important thing to me is that they are on WPA2 and have both a rich
>> key and admin password.
> Now that's a totally different can'o'worms--you're talking wireless
> requirements, which is layered on top of the network
On Fri, Oct 14, 2011 at 06:06:38PM -0700, Paul Allen Newell wrote:
> Thanks for the email replies.
Thanks, always try to help.
> The take I come away with from your three
> emails is:
> 1) assume *.0 and *.255 are reserved,
Not just reserved--absolutely committed to their definition.
> 2) ther
Tim, Joe, and Dave:
Thanks for the email replies. The take I come away with from your three
emails is 1) assume *.0 and *.255 are reserved, 2) there is no standard,
just personal conventions -- and that a group using a router should have
a convention, and 3) let DHCP handle it if possible. If I
On Sat, Oct 15, 2011 at 01:32:47AM +1030, Tim wrote:
> Out of the various IP ranges [1] that are available for private use,
> because they are not, and will not, be used as public IPs on the
> internet, ...
Very specifically, look up RFC1918, where these ranges were defined.
> It's common practic
On 10/14/2011 12:59 AM, Paul Allen Newell wrote:
> Can anyone point me to a website that gives good advice on how one
> should alloc one's local ip addresses?
Unless you need to have static IPs for port forwarding or some other
specific use, just let the DHCP do it and save yourself a lot of
poi
On Fri, 2011-10-14 at 00:59 -0700, Paul Allen Newell wrote:
> A long time ago when I first struggled and figured out how to set up a
> LAN network, I got some advice about how I should alloc the numbers. 1)
> start static address at *.*.*.10, 2) put WAPs at *.*.*.245, and 3) for a
> gateway of
Hello to all:
A long time ago when I first struggled and figured out how to set up a
LAN network, I got some advice about how I should alloc the numbers. 1)
start static address at *.*.*.10, 2) put WAPs at *.*.*.245, and 3) for a
gateway of 192.168.1.1, assign your router that connects to the 3
25 matches
Mail list logo
