All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jose Luis Domingo Lopez <lartc@24x7linux.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] ARP daemon
Date: Mon, 09 Aug 2004 14:45:23 +0000	[thread overview]
Message-ID: <20040809144523.GD4917@localhost> (raw)
In-Reply-To: <20040809100108.GA26012@legolas.on.net.mk>

On Monday, 09 August 2004, at 14:51:55 +0200,
Damjan wrote:

> What I want to accomplish is deny the possibility of users changing
> their IP address, once its set.
>  
Then make it impossible for users to become "root" or equivalent in
their boxes, to prevent them from changing their interfaces MAC
addresses. This way users won't be able to do so, and even in the event
they try to boot with some sort of "live Linux CD" and change the MAC,
this change won't persist after reboot.

If you prefer/need to control this changes from your Linux box, then you
can play with iptables and its "mac" match (to bind together IP/MAC
pairs) or install "arpwatch". The latter won't prevent users from
(maybe) succeeding in their attemps to gain access to places where they
shouldn't be allowed to go, but you will be inmediately notified if
someone is not playing nice in your network.

Hope it helps.

-- 
Jose Luis Domingo Lopez
Linux Registered User #189436     Debian Linux Sid (Linux 2.6.8-rc2-mm2)
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

  parent reply	other threads:[~2004-08-09 14:45 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-08-09 10:01 [LARTC] ARP daemon Damjan
2004-08-09 10:56 ` Ronny Aasen
2004-08-09 12:51 ` Damjan
2004-08-09 14:45 ` Jose Luis Domingo Lopez [this message]
2004-08-09 16:25 ` Peter Surda

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20040809144523.GD4917@localhost \
    --to=lartc@24x7linux.com \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.