[ previous ] [ next ] [ threads ]
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Anti netcut (was Re: [m0n0wall] m0n0wall 1.3b17)
 Date:  Thu, 30 Apr 2009 23:46:07 -0500
Mohammed Ismail wrote:
> You miss the point they do it on regular Switched Ethernet 
> Just the cheapest switches, and clients are not seeing each other.
> I really cannot change from m0n0wall, I am already using it for more than 2
> years, and my clients are satisfied with fascinating easy web interface,
> I might migrate to pfsense, but nothing really much there, I look to
> m0n0wall as the slandered for me all what I need is in one small image,
> In other way, I believe there will be a solution or semi-solution on
> m0n0wall.

I can not see how this would happen, but I can see how it would appear 
to happen.  If arp poisoning mtm is well done, you do not notice.  And 
you can harden systems to avoid it, including m0n0wall.  But if you do 
not have control of the end users (like I do not in the hotels I provide 
service in) you can not protect them unless you have good managed 
switches.  It also makes troubleshooting easy, as you can look at arp 
tables throughout the network and find out where the scammer is hidding!

And I have enjoyed this.  It never hurts to think a bit more in depth 
about security.  Feel free to ask more!