Firewall - MAC Filter
"a:\"
looking to upgrade my firewall.
Does anyone know of a firewall that I can use on my internal network. My
needs are that within the software, I would enter the MAC addresses of all
my networked machines and only pcs on the "white list" with the correct MAC
address would be able to share resources.
With Zone Alarm, you can filter with IP Addresses, but MAC addresses seems
to add a little more security.
Thank you
NeoSadist
IPTables has MAC filtering, but I haven't seen a software firewall for
windows that has it, yet....
--
"The student in question is performing minimally for his peer group and
is an emerging underachiever."
0x
news:1030ten...@corp.supernews.com:
>> Does anyone know of a firewall that I can use on my internal network. My
>> needs are that within the software, I would enter the MAC addresses of all
>> my networked machines and only pcs on the "white list" with the correct
>> MAC address would be able to share resources.
(...)
> IPTables has MAC filtering, but I haven't seen a software firewall for
> windows that has it, yet....
And, what about Sygate Personal Firewall Pro ?
I tried it and managed to set MAC addresses in "Advanced rules".
The only disadvantage, when compared to Zone Alarm, is the lack of
possibility of setting rules associated with the local loop (loopback) and
thus you can not protect traffic of your eg. proxy server software on your
machine, etc...
--
0x
Eirik Seim
Do you have computers on your LAN that you don't trust?
It seems not everybody realize MAC address filtering does nothing
for internet (as in "several routed networks") security, only for
your own local IP network - which is why MAC address filtering is
most frequently found in wireless access points, not in wired
routers/firewalls. Just my .5 euro...
- Eirik
--
New and exciting signature!
"a:\"
> It seems not everybody realize MAC address filtering does nothing
> for internet (as in "several routed networks") security, only for
> your own local IP network - which is why MAC address filtering is
> most frequently found in wireless access points, not in wired
> routers/firewalls. Just my .5 euro...
That's actually what I'm concerned with. I have a wireless router.
Unfortunately, the built in MAC filter is not working and emails to the
product vendor have not been responded to.
So I'm trying to find another means of securing my network and was hoping to
find a sotware solution to perform MAC address filtering.
David Barnes
Lock off all external 'windows sharing' on your server.
install RAS (with the PPTP server)
turn on PPTP filtering on the LAN card
Create a 'dialup' PPTP connection from each client to the server..
or look into using 802.x auth with encryption. (built-in on 2k & xp I think)
Any better sugestions? or glaring holes here?
David
""a:\"" <n...@spam.com> wrote in message
news:tefYb.533364$X%5.150123@pd7tw2no...
Eirik Seim
>
> > It seems not everybody realize MAC address filtering does nothing
> > for internet (as in "several routed networks") security, only for
> > your own local IP network - which is why MAC address filtering is
> > most frequently found in wireless access points, not in wired
> > routers/firewalls. Just my .5 euro...
>
> That's actually what I'm concerned with. I have a wireless router.
> Unfortunately, the built in MAC filter is not working and emails to the
> product vendor have not been responded to.
What type and brand of wireless router do you have? Others may have
similar problems (and even if they don't it may still be of interest),
and maybe even a solution.
> So I'm trying to find another means of securing my network and was hoping to
> find a sotware solution to perform MAC address filtering.
I understand, but unfortunately I don't know of any host based
firewalls with this feature for the Windows platform. However,
you should know that spoofing MAC addresses is really easy, and
combined with passive sniffing to see what addresses are allowed
can easily circumvent MAC address filtering. I'd recommend you
use this only combined with other, stronger protection mechanisms
like IPsec (the crypto, not the NT/XP simple port filtering).
Jeff Beard
bad news! MAC filtering is primarily intended to be hardware enabled. A
wireless router really needs to support this feature and if it doesn't,
start looking for a new vendor.
MAC enablement requires constant updates when the LAN gets modified, eg new
users,
but the object is to defeat external laptops from connecting to your interal
net.
(btw: you do disable broadcasting the SSID, don't you!)
--
====
Jeff Beard ( re move use less '_' )
J_Bear...@adelphia.net
'Things may come to those that wait, but only what is left over by
those that hustle.' Abraham Lincoln
"a:\"
> What type and brand of wireless router do you have? Others may have
> similar problems (and even if they don't it may still be of interest),
> and maybe even a solution.
I have a Network Everywhere NWR04B wireless router. The manual does
indicate that MAC filtering works, and I've gone through the instructions
several times, but it won't work on the router I have. I thought perhaps it
was the firmware was not up to date so I did download the most recent one
available on their website and applied it.
I've emailed the company twice without any response.
>. I'd recommend you
> use this only combined with other, stronger protection mechanisms
> like IPsec (the crypto, not the NT/XP simple port filtering).
By default, IPsec pass through is enabled. I haven't really read much about
this feature so I'm not that familiar with it, but I did accept the default
setting.
"a:\"
Yes, I have disabled SSID broadcasting.
Lars M. Hansen
>(btw: you do disable broadcasting the SSID, don't you!)
Disabling SSID broadcasts are really not a do-or-die item in wireless
security...
Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"