[ previous ] [ next ] [ threads ]
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Anti netcut (was Re: [m0n0wall] m0n0wall 1.3b17)
 Date:  Thu, 30 Apr 2009 22:41:41 -0500
Mohammed Ismail wrote:
> I am talking about wired clients.
> Thanks for your state full answers and for the tips.
> After all convenient answers that I cannot really tell that they are wrong,
> because of my little knowledge. But there will be a question 
> How do they do it in other systems?
> How about miktrotik?
> And there is another system an Egyptian Guy developed it that prevents
> NetCut-Switchsniffer-Winarp Spoofer
> And I actually saw some servers working on those systems here in Alexandria.
> It even detects what I am doing.

By using vlan capable switches and access points and keeping each user 
in a separate vlan.  (Not cheap)  As each is it's own entire network, 
there is no one to spoof.  And as the router is essentially spoofing 
whatever IP you spit at it, it sees traffic outside the subnet.  While 
this works for hotels, it is useless for an office network where you 
need to communicate with other systems, servers, and printers.