Page 1 of 1

MAC problem

Posted: Mon Apr 28, 2008 9:41 pm
by venky145
hai

now a days everyone are getting mac address changer softwares ( mac spoofing ). they can change the MAC and accessing internet . Is there any other way to authenticate i mean IP + MAC + Processor ID like... or authenticating in client side and check and conform after login.... is this possible ..?

Posted: Mon Apr 28, 2008 11:27 pm
by x2oxen
install a pppoe server or use username password authentication in squid proxy for users

Posted: Sat May 03, 2008 8:48 pm
by Saad Khan
compile squid server with mac address filtering support and use mac based authentication in squid proxy.

e.g
acl user_abc arp 00:11:22:33:44:55
http_access allow user_abc

If you want more control then use ncsa password authentication with mac addresses and bind your users to their mac addresses.

Posted: Sun May 04, 2008 12:18 pm
by mudasir
AOA,

Using Squid for authentication may not be a wise option. Setup a PPPoE Server or a VPN Server, that will get rid of this problem.

As this is a problem for client side, so from server not much can be done to get rid of it.

Posted: Mon May 05, 2008 2:55 am
by Saad Khan
mudasir wrote:AOA,

Using Squid for authentication may not be a wise option. Setup a PPPoE Server or a VPN Server, that will get rid of this problem.

As this is a problem for client side, so from server not much can be done to get rid of it.


PPPOE or VPN?
you meant mac address authentication over PPPOE or VPN?
it would be highly appreciated, if you write this howto for the users.

He asked about mac address or authentication, that's what i proposed him, and this solutions works seemless for the desktop users, they just have to enter user/password rather than using PPPOE or VPN for authentication, because i am sure, you wont train every internet user to use PPPOE or VPN.

Posted: Mon May 05, 2008 3:07 am
by mudasir
AOA,

I am working on the howto of PPPoE Server with most of the options that are required by Cable Internet Operators. As soon as it will be complete i will post it on LP Wiki, so that all of LP members will be able to take advantage if it.

Now regarding training every one to use PPPoE or VPN, there is no training required. Just need to create a Dialer and thats all, just connect that and every thing will work flawlessly.

Posted: Thu May 08, 2008 9:45 am
by x2oxen
And when you setup a pppoe server then you won't be needing a dhcp server as well as you won't be needing to assign static ips as well. so if you users changing mac address or ips there will be no issue with that.

Posted: Thu May 08, 2008 1:33 pm
by mudasir
Assalam-o-Alaikum,

Yes usman bhai is right, then no other stuff will be needed.

way of Detecting spoofed mac?

Posted: Thu May 08, 2008 6:01 pm
by zaib
is there ne way/tool through which we can detect if any users have changed his mac address ? i tried arpwatch, but not luck.

way of Detecting spoofed mac?

Posted: Thu May 08, 2008 6:02 pm
by zaib
is there ne way/tool through which we can detect if any users have changed his mac address ? i tried arpwatch, but not luck.

Posted: Fri May 09, 2008 4:52 pm
by x2oxen
Yes there is a way! Visit user physically and check there configurations ;) :lol: