Find the answer to your Linux question:
Results 1 to 4 of 4
to controll access to services in my network,which one is better,to block/allow using ip addresses or mac addresses ...as both can be spoofed easily !...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2007
    Posts
    1

    MAC or IP to use in FIREWALL ?


    to controll access to services in my network,which one is better,to block/allow using ip addresses or mac addresses ...as both can be spoofed easily !

  2. #2
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    Use IP address (not host name) instead of MAC address. It is very trivial to spoof a MAC address. It is significantly more difficult to spoof an IP address to make a tcp connection.

  3. #3
    Linux Guru anomie's Avatar
    Join Date
    Mar 2005
    Location
    Texas
    Posts
    1,692
    P.S. Here's a good short article for you:
    IP Spoofing: An Introduction

    First google hit for "ip spoofing" actually. :P

    Remember, security in layers. Harden your services as well.

  4. #4
    Banned
    Join Date
    Dec 2002
    Location
    Texas
    Posts
    242
    Filter using both.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •