> Well, in the case of MAC filtering, it's nothing to do with "security." > It's merely closing an unlocked door in someone's face.
No.. security is not a boolean. MAC filtering is very useful for stopping inadvertent plugging in of the wrong system. It helps prevent accidents and unsafe systems bridging networks or ending up on the 'wrong side of the fence' where you have secure and insecure networks. It's not a tool to prevent deliberate attack by users, and its not 100% effective against a very careful attacker but tht doesn't make it nothing to do with security. > to even attempt it, not filtering on a central server. A computer can > still spew forth stuff onto a network its plugged into, even if it's not > really joining in your network (in the sense of your server accepting > it). If you have physical access to a LAN port you can wire it to the mains electricity supply. It all depends on your threat model and what you entire in depth security arrangements are. Alan -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
