[ previous ] [ next ] [ threads ]
 From:  "apiasecki at midatlanticbb dot com" <apiasecki at midatlanticbb dot com>
 To:  Lee Sharp <leesharp at hal dash pc dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Anti netcut (was Re: [m0n0wall] m0n0wall 1.3b17)
 Date:  Fri, 01 May 2009 12:20:14 -0400
If you using Cisco equipment, you can do this without vlans. Other 
vendors might have other solutions.

"Switchport protected" for Cisco switches
"Public Secure packet forwarding" for Cisco APs


Lee Sharp wrote:
> Mohammed Ismail wrote:
>> I am talking about wired clients.
>> Thanks for your state full answers and for the tips.
>> After all convenient answers that I cannot really tell that they are 
>> wrong,
>> because of my little knowledge. But there will be a question How do 
>> they do it in other systems?
>> How about miktrotik?
>> And there is another system an Egyptian Guy developed it that prevents
>> NetCut-Switchsniffer-Winarp Spoofer
>> And I actually saw some servers working on those systems here in 
>> Alexandria.
>> It even detects what I am doing.
> By using vlan capable switches and access points and keeping each user 
> in a separate vlan.  (Not cheap)  As each is it's own entire network, 
> there is no one to spoof.  And as the router is essentially spoofing 
> whatever IP you spit at it, it sees traffic outside the subnet.  While 
> this works for hotels, it is useless for an office network where you 
> need to communicate with other systems, servers, and printers.
>             Lee
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> __________ Information from ESET NOD32 Antivirus, version of virus 
> signature database 4047 (20090430) __________
> The message was checked by ESET NOD32 Antivirus.
> http://www.eset.com