
Block Inbound Traffic

July 9, 2004 8:13:19 PM

Archived from groups: comp.security.firewalls (More info?)

Does anyone know of a free firewall that will allow inbound
connections based on the remote computer's name, mac, and/or IP? (not
so much the IP as the name/mac).

The outbound connections do not have to be monitored and all other
computers that try to access the system that has the firewall and is
not in an authorized list should be blocked.

Thanks.


July 10, 2004 9:35:06 PM

Archived from groups: comp.security.firewalls (More info?)

"JP" <gg2.20.joep@spamgourmet.com> wrote in message
news:1b6225e5.0407091513.3b0f3006@posting.google.com...
> Does anyone know of a free firewall that will allow inbound
> connections based on the remote computer's name, mac, and/or IP? (not
> so much the IP as the name/mac).
>
> The outbound connections do not have to be monitored and all other
> computers that try to access the system that has the firewall and is
> not in an authorized list should be blocked.

Computer name? Pointless. Easily changed

Mac? Pointless. Not transmitted outside of the LAN

IP? The only way. Any firewall that can't block by IP is not worth the free
price.
Anonymous
July 11, 2004 12:10:34 AM

Archived from groups: comp.security.firewalls (More info?)

What does it need to run on? If Linux, why not use IPTables?
Is it for a gateway device or just your workstation?

"JP" <gg2.20.joep@spamgourmet.com> wrote in message
news:1b6225e5.0407091513.3b0f3006@posting.google.com...
Does anyone know of a free firewall that will allow inbound
connections based on the remote computer's name, mac, and/or IP? (not
so much the IP as the name/mac).

The outbound connections do not have to be monitored and all other
computers that try to access the system that has the firewall and is
not in an authorized list should be blocked.

Thanks.
July 11, 2004 12:10:35 AM

Archived from groups: comp.security.firewalls (More info?)

"Banana" <banana@unrouteable.nowhere> wrote in message news:<ccofat$270r$1@otis.netspace.net.au>...
> what does it need to run on, if Linux, why not use IPTables.
> Is it for a gateway device or just your workstation?
>
> "JP" <gg2.20.joep@spamgourmet.com> wrote in message
> news:1b6225e5.0407091513.3b0f3006@posting.google.com...
> Does anyone know of a free firewall that will allow inbound
> connections based on the remote computer's name, mac, and/or IP? (not
> so much the IP as the name/mac).
>
> The outbound connections do not have to be monitored and all other
> computers that try to access the system that has the firewall and is
> not in an authorized list should be blocked.
>
> Thanks.

It needs to run off of Windows. One that doesn't take a lot of system
resources is best. It will be used for more of a gateway type.
July 11, 2004 3:01:55 PM

Archived from groups: comp.security.firewalls (More info?)

"Mike" <mike@notherematey.com> wrote in message news:<ccp5oe$kbs$1@thorium.cix.co.uk>...
> "JP" <gg2.20.joep@spamgourmet.com> wrote in message
> news:1b6225e5.0407091513.3b0f3006@posting.google.com...
> > Does anyone know of a free firewall that will allow inbound
> > connections based on the remote computer's name, mac, and/or IP? (not
> > so much the IP as the name/mac).
> >
> > The outbound connections do not have to be monitored and all other
> > computers that try to access the system that has the firewall and is
> > not in an authorized list should be blocked.
>
> Computer name? Pointless. Easily changed
>
> Mac? Pointless. Not transmitted outside of the LAN
>
> IP? The only way. Any firewall that can't block by IP is not worth the free
> price.


MAC - Not pointless, firewall will be inside LAN.
Computer name - Not pointless, cannot be easily changed. Only
domain/local admins can change.
Anonymous
July 13, 2004 1:56:07 AM

Archived from groups: comp.security.firewalls (More info?)

Did you check out Outpost?

Agnitum Outpost Firewall (Free)
(Freeware) (last Freeware version) (Unsupported)
OS: Windows 9x/ME/NT/2000/XP
Languages: English (documentation in German, Hungarian, Russian and Italian)
Description: Agnitum Outpost is a personal firewall. Its standard personal
firewall features include "system and application level filtering",
"detailed information on all connections and open ports"; "predefined system
and application settings for all common tasks (browsing the web, allowing
ICQ, allowing DNS or DHCP, etc.)"; a built-in log viewer; stealth mode; ICMP
filtering; NetBIOS rule creation; wizard mode for automatic rule creation;
MD5 authentication, etc. In addition, it supports plug-ins for tasks such as
Intrusion Detection, Advertisement Blocking, Content Filtering, E-mail Guard
and Privacy Control. The interface is highly customizable. For the plug-ins,
it supports online automated update against new attacks. Finally, it needs
no configuration before using and it starts protecting your system as soon
as it's installed.
Author: -- Company: Agnitum Ltd.
Home Page:
http://www.agnitum.com/
download page v1.0.1817 (OutpostInstall.exe) (2556 KB)
http://www.agnitum.com/download/outpost1.html


"JP" <gg2.20.joep@spamgourmet.com> wrote in message
news:1b6225e5.0407091513.3b0f3006@posting.google.com...
> Does anyone know of a free firewall that will allow inbound
> connections based on the remote computer's name, mac, and/or IP? (not
> so much the IP as the name/mac).
>
> The outbound connections do not have to be monitored and all other
> computers that try to access the system that has the firewall and is
> not in an authorized list should be blocked.
>
> Thanks.
July 15, 2004 1:11:51 PM

Archived from groups: comp.security.firewalls (More info?)

JP wrote:

> I don't have to say, "I've tried product X", because I'M ASKING FOR
> SUGGESTIONS! Ass.

Well so far I see nothing but your ranting and raving and few
suggestions. I wonder why?

Have fun and watch that blood pressure.


--

------------------------------------

Real email to mike. The header email is a spam trap and you will be
blacklisted.
July 15, 2004 1:17:27 PM

Archived from groups: comp.security.firewalls (More info?)

Mike <info@michaelmoyse.co.uk> wrote in message news:<cd5e87$15p$1@thorium.cix.co.uk>...
> JP wrote:
>
> > I don't have to say, "I've tried product X", because I'M ASKING FOR
> > SUGGESTIONS! Ass.
>
> Well so far I see nothing but your ranting and raving and few
> suggestions. I wonder why?
>
> Have fun and watch that blood pressure.

I'm only ranting, as you put it, because you're trying to be an ass.
Few suggestions, probably cause you're clogging this thread. And don't
try to be the innocent party in this. You started ot, and now you see
you're wrong.
July 15, 2004 9:59:54 PM

Archived from groups: comp.security.firewalls (More info?)

JP wrote:

> Mike <info@michaelmoyse.co.uk> wrote in message news:<cd5e87$15p$1@thorium.cix.co.uk>...
>
>>JP wrote:
>>
>>
>>>I don't have to say, "I've tried product X", because I'M ASKING FOR
>>>SUGGESTIONS! Ass.
>>
>>Well so far I see nothing but your ranting and raving and few
>>suggestions. I wonder why?
>>
>>Have fun and watch that blood pressure.
>
>
> I'm only ranting, as you put it, because you're trying to be an ass.
> Few suggestions, probably cause you're clogging this thread. And don't
> try to be the innocent party in this. You started ot, and now you see
> you're wrong.

Not trying to be an ass. Trying to help but you won't give any
information despite my asking several times. Instead you prefer to rant,
rave, swear at me and insult me. If anyone is clogging this thread it is
yourself with your verbal diarrhea

Actually my original post in reply to your question was not OT :-

Computer name? Pointless. Easily changed

Mac? Pointless. Not transmitted outside of the LAN

IP? The only way. Any firewall that can't block by IP is not worth the free
price.



--

------------------------------------

Real email to mike. The header email is a spam trap and you will be
blacklisted.
Anonymous
July 16, 2004 9:54:24 AM

Archived from groups: comp.security.firewalls (More info?)

Don Kelloway wrote:
>
> "Don Kelloway" <dkelloway@commodon.com> wrote in message
> news:WFEJc.9201$sV2.2038@newsread2.news.atl.earthlink.net...

> > You cannot block an incoming connection by computer name because it can
> > be easily spoofed. Besides the computer name is not something that's
> > passed within an incoming packet.

Computer names are obtained by doing a reverse lookup on an IP address.

> I should have additionally stated that computer names are something that
> are only available to other computers within the same LAN.

If this name resolution occurs using DNS, it is often available throughout
the Internet. However, it is also correct (ObFirewall) that many name
services are confined to a LAN; typical examples are WINS and Windows Active
Directory. Host files are even more restricted, valid only for the machine
they are located on.

Thor

--
http://www.anta.net/
July 16, 2004 1:08:07 PM

Archived from groups: comp.security.firewalls (More info?)

Don Kelloway wrote:
>
> Assuming you are referring to blocking incoming traffic from the
> Internet:
>
> You cannot block an incoming connection by MAC because the MAC of every
> single incoming packet will be exactly the same as that of the last
> router the packet was passed through.
>
> You cannot block an incoming connection by computer name because it can
> be easily spoofed. Besides the computer name is not something that's
> passed within an incoming packet.
>
> This leaves blocking incoming connections based upon IP address.

That's what I said when I first saw the problem as presented by JP, but
it seems that JP has left some vital information out which has also led
you to the same conclusion. Watch out because he will start swearing at
you now because you can't read his mind either.

Sits back and waits for more ranting from JP.
Maybe he will get the message that he is not giving enough information
this time.
On second thoughts, based on past performance, it's probably our fault :-(



--

------------------------------------

Real email to mike. The header email is a spam trap and you will be
blacklisted.
Anonymous
July 16, 2004 2:02:30 PM

Archived from groups: comp.security.firewalls (More info?)

On 15 Jul 2004 16:13:41 -0700, gg2.20.joep@spamgourmet.com (JP) wrote:


>> IP? The only way. Any firewall that can't block by IP is not worth the free
>> price.
>
>
>I have given plenty of information. Lets collect it.

You haven't


>So it is your "verbal diarrhea" that is clogging this thread.

I suggest taking the mote out of your own eye 1st sunshine.



greg

--
Konnt ihr mich horen?
Konnt ihr mich sehen?
Konnt ihr mich fuhlen?
Ich versteh euch nicht
Anonymous
July 16, 2004 2:02:30 PM

Archived from groups: comp.security.firewalls (More info?)

On Fri, 16 Jul 2004 05:54:24 +0300, Thor Kottelin <thor@anta.net> wrote:


>
>Computer names are obtained by doing a reverse lookup on an IP address.
>

Only for those addresses with reverse DNS entries.



greg

--
Konnt ihr mich horen?
Konnt ihr mich sehen?
Konnt ihr mich fuhlen?
Ich versteh euch nicht
Anonymous
July 16, 2004 4:20:28 PM

Archived from groups: comp.security.firewalls (More info?)

Jp has plenty of info.. obviously he wants to separate a computer from
the rest of the lan he's on.. via something easy like computername
handed out via a dns server.. since he mentions that the comp names
cannot be changed b/c of dns the names would be listed as
comp1.mylocaldomain.com which is not easy to spoof on a domain
considering that he probably has the names locked. i think there's
plenty of info here.. since this is said to be a windows network
iptables would not work as well because there might be more than one
net admin and they might have no idea how to configure and update ip
tables.. so a windows firewall is probably required.. since it's on a
lan mac / comp names / a combination of the 2 would be best.. though
it is possible to spoof comp name and mac it will be another level of
security to get past. if coupled with an ids that is configured
mainly for windows exploits and DoS attacks. as well as invalid name
detection it could prove highly useful.. so please stop bitching about
not having info..
Anonymous
July 16, 2004 6:56:23 PM

Archived from groups: comp.security.firewalls (More info?)

"Thor Kottelin" <thor@anta.net> wrote in message
news:40F74360.C6B868D8@anta.net...
>
> Don Kelloway wrote:
> >
> > "Don Kelloway" <dkelloway@commodon.com> wrote in message
> > news:WFEJc.9201$sV2.2038@newsread2.news.atl.earthlink.net...
>
> > > You cannot block an incoming connection by computer name because it
> > > can be easily spoofed. Besides the computer name is not something that's
> > > passed within an incoming packet.
>
> Computer names are obtained by doing a reverse lookup on an IP address.
>
> > I should have additionally stated that computer names are something that
> > are only available to other computers within the same LAN.
>
> If this name resolution occurs using DNS, it is often available throughout
> the Internet. However, it is also correct (ObFirewall) that many name
> services are confined to a LAN; typical examples are WINS and Windows Active
> Directory. Host files are even more restricted, valid only for the machine
> they are located on.
>

It's my belief that when the OP refers to a 'computer name', he is
referring to a 'hostname' which is associated with the NetBIOS protocol.

If however the OP was in fact referring to using a PTR record as a
method to allow access. Yes. Performing a query against a DNS for a
PTR record is a possibility. However PTR records are not required, are
not unique and can be easily faked. It's also my belief that
configuring a firewall to allow an incoming connection based upon the
PTR record would be very secure.

--
Best regards, from Don Kelloway of Commodon Communications
Visit http://www.commodon.com to learn about the "Threats to Your
Security on the Internet".
Anonymous
July 16, 2004 7:00:06 PM

Archived from groups: comp.security.firewalls (More info?)

"Don Kelloway" <dkelloway@commodon.com> wrote in message
news:r0SJc.12606$kK.4492@newsread3.news.atl.earthlink.net...
>
> It's my belief that when the OP refers to a 'computer name', he is
> referring to a 'hostname' which is associated with the NetBIOS protocol.
>
> If however the OP was in fact referring to using a PTR record as a
> method to allow access. Yes. Performing a query against a DNS for a
> PTR record is a possibility. However PTR records are not required, are
> not unique and can be easily faked. It's also my belief that
> configuring a firewall to allow an incoming connection based upon the
> PTR record would be very secure.
>

ACK! The last sentence should say "It's also my belief that configuring
a firewall to allow an incoming connection based upon the
PTR record would be very insecure".

--
Best regards, from Don Kelloway of Commodon Communications
Visit http://www.commodon.com to learn about the "Threats to Your
Security on the Internet".
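
The PTR points raised in the posts above (not every address has one, they are not unique, and whoever runs the reverse zone chooses the name), as an added example that is not part of the original thread. The DNS data, the allow lists and the documentation-range addresses are constructed for illustration; comp1.mylocaldomain.com is the name used elsewhere in the thread.

```python
import ipaddress

# Constructed DNS data so the example runs offline. On a live system these
# two tables would be answered by reverse (PTR) and forward (A) DNS queries.
PTR_RECORDS = {
    "192.0.2.10": ["comp1.mylocaldomain.com"],   # the real comp1
    "203.0.113.5": ["comp1.mylocaldomain.com"],  # reverse zone run by a third party
    "192.0.2.20": ["www.mylocaldomain.com",      # PTR records are not unique
                   "comp2.mylocaldomain.com"],
    # 198.51.100.7 deliberately has no PTR record at all
}
A_RECORDS = {
    "comp1.mylocaldomain.com": ["192.0.2.10"],
    "comp2.mylocaldomain.com": ["192.0.2.20"],
    "www.mylocaldomain.com": ["192.0.2.20"],
}

# Hypothetical allow lists for the protected machine.
ALLOWED_NAMES = {"comp1.mylocaldomain.com", "comp2.mylocaldomain.com"}
ALLOWED_NETS = [ipaddress.ip_network("192.0.2.0/27")]


def reverse_lookup(ip):
    """Names claimed for ip by its reverse zone (empty if no PTR exists)."""
    return [name.lower().rstrip(".") for name in PTR_RECORDS.get(ip, [])]


def forward_lookup(name):
    """Addresses the forward zone publishes for name."""
    return A_RECORDS.get(name, [])


def allow_by_ptr(ip):
    """Name-only policy: trust whatever the reverse zone says."""
    return any(name in ALLOWED_NAMES for name in reverse_lookup(ip))


def allow_by_confirmed_name(ip):
    """Forward-confirmed reverse DNS: the claimed name must resolve back to ip."""
    return any(
        name in ALLOWED_NAMES and ip in forward_lookup(name)
        for name in reverse_lookup(ip)
    )


def allow_by_ip(ip):
    """Default deny: only source addresses inside an allowed network pass."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ALLOWED_NETS)


def evaluate(ip):
    """Decision of each policy for one source address."""
    return {
        "ptr_only": allow_by_ptr(ip),
        "confirmed_name": allow_by_confirmed_name(ip),
        "ip_allow_list": allow_by_ip(ip),
    }


if __name__ == "__main__":
    for source in ("192.0.2.10", "192.0.2.20", "203.0.113.5", "198.51.100.7"):
        print(source, evaluate(source))
```

Only the PTR-only policy admits 203.0.113.5, because its reverse zone is free to claim any name. The forward-confirmed check is still only as trustworthy as the forward zone and the resolver path used to query it.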
Anonymous
July 16, 2004 11:27:51 PM

Archived from groups: comp.security.firewalls (More info?)

In article <1b6225e5.0407161104.226dc543@posting.google.com>,
gg2.20.joep@spamgourmet.com says...
> And for everyone else: saying that I want a Windows firewall that
> blocks based on IP/MAC/Comp Name and has an allow list is plenty of
> information. What else could you possibly need. Do you want the
> computer model, because that doesn't matter. And the services that are
> running does not matter, as Mike wanted to know. So I don't see where
> the trouble is.

You do know that I can change the MAC address on every network card in
my office, and my router, and my firewall, and the list goes on.


--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
Anonymous
July 17, 2004 12:33:55 AM

Archived from groups: comp.security.firewalls (More info?)

On 16 Jul 2004 12:04:26 -0700, gg2.20.joep@spamgourmet.com (JP) wrote:


>And for everyone else: saying that I want a Windows firewall that
>blocks based on

You have been told that blocking on

> IP

Is good.

> /MAC

A waste of time

> /Comp Name

A waste of time.

> and has an allow list

Firewalls should explicitly block by default. So anything granted access is
implicitly part of an allow list.




greg

--
Konnt ihr mich horen?
Konnt ihr mich sehen?
Konnt ihr mich fuhlen?
Ich versteh euch nicht
July 17, 2004 3:21:34 AM

Archived from groups: comp.security.firewalls (More info?)

"dot_txt" <dot_txt@hotmail.com> wrote in message
news:228cf51.0407161120.5e104c6b@posting.google.com...
> Jp has plenty of info.. obviously he wants to seperate a computer from
> the rest of the lan hes on.. via somthing easy like computername
> handed out via a dns server.. since he mentions that the comp names
> cannot be changed b/c of dns the names would be listed as
> comp1.mylocaldomain.com which is not easy to spoof on a domain
> considering that he probably has the names locked. i think theres
> plenty of info here.. since this is said to be a windows network
> iptables would not work as well because there might be more than one
> net admin and they might have no idea how to configure and update ip
> tables.. so a windows firewall is probably required.. since its on a
> lan mac / comp names / a combiantion of the 2 would be best.. though
> it is possible to spoof comp name and mac it will be another level of
> security to get passed. if coupled with an ids that is configured
> mainly for windows exploits and DoS attacks. as well as invalid name
> detection it could prove highly useful.. so please stop bitching about
> not having info..

And your suggested solution is?...........
July 17, 2004 3:21:35 AM

Archived from groups: comp.security.firewalls (More info?)

"Mike" <mike@notherematey.com> wrote in message news:<cd9ka0$r33$1@thorium.cix.co.uk>...
> "dot_txt" <dot_txt@hotmail.com> wrote in message
> news:228cf51.0407161120.5e104c6b@posting.google.com...
> > Jp has plenty of info.. obviously he wants to seperate a computer from
> > the rest of the lan hes on.. via somthing easy like computername
> > handed out via a dns server.. since he mentions that the comp names
> > cannot be changed b/c of dns the names would be listed as
> > comp1.mylocaldomain.com which is not easy to spoof on a domain
> > considering that he probably has the names locked. i think theres
> > plenty of info here.. since this is said to be a windows network
> > iptables would not work as well because there might be more than one
> > net admin and they might have no idea how to configure and update ip
> > tables.. so a windows firewall is probably required.. since its on a
> > lan mac / comp names / a combiantion of the 2 would be best.. though
> > it is possible to spoof comp name and mac it will be another level of
> > security to get passed. if coupled with an ids that is configured
> > mainly for windows exploits and DoS attacks. as well as invalid name
> > detection it could prove highly useful.. so please stop bitching about
> > not having info..
>
> And your suggested solution is?...........

So, now you're bitching about suggestions? First, it was that there was
not enough info. And now that it has been established that I have
had enough info in the first place, you're going to switch your story
and ask everyone what their solution is?
July 17, 2004 3:23:33 AM

Archived from groups: comp.security.firewalls (More info?)

"JP" <gg2.20.joep@spamgourmet.com> wrote in message
news:1b6225e5.0407161104.226dc543@posting.google.com...
> Greg Hennessy <me@privacy.net> wrote in message news:<a84ff0hq1fnkut0nfcmpc4k3lvh8up6eub@4ax.com>...
> > On 15 Jul 2004 16:13:41 -0700, gg2.20.joep@spamgourmet.com (JP) wrote:
> >
> >
> > >> IP? The only way. Any firewall that can't block by IP is not worth the free
> > >> price.
> > >
> > >
> > >I have given plenty of information. Lets collect it.
> >
> > You havent
> >
> >
> > >So it is your "verbal diarrhea" that is clogging this thread.
> >
> > I suggest taking the mote out of your own eye 1st sunshine.
> >
> >
> >
> > greg
>
> Well, Mike, again I must explain to you. If you had not been a jackass

You talking to me or Greg?
Anonymous
July 17, 2004 7:05:50 AM

Archived from groups: comp.security.firewalls (More info?)

"JP" <gg2.20.joep@spamgourmet.com> wrote in message
news:1b6225e5.0407161104.226dc543@posting.google.com...
>
> And for everyone else: saying that I want a Windows firewall that
> blocks based on IP/MAC/Comp Name and has an allow list is plenty of
> information. What else could you possibly need. Do you want the
> computer model, because that doesn't matter. And the services that are
> running does not matter, as Mike wanted to know. So I don't see where
> the trouble is.

I believe the answer to your question has been provided not once, but
several times from several persons including myself.

There are firewalls that are capable of blocking based upon the MAC, but
the ability to block based upon the MAC is only valid for systems within
the same subnet.

Unfortunately I and I think others have yet to determine from any of
your posts if you are looking to firewall your PC from other systems
within the same LAN, from other systems on the Internet, or both.
Knowing how you intend to implement a firewall can be critical to making
the proper selection.

The same applies to blocking based upon computer name, but that too has
several persons including myself wondering if what you mean by computer
name is to say you want to block by hostname (NetBIOS) or PTR records
(DNS). Unfortunately the term 'computer name' can be interpreted in a
couple of ways.

Regardless of the above what is the intent or motivation to want to
block based upon MAC or hostname? Why is this something you're looking
to do?

--
Best regards, from Don Kelloway of Commodon Communications
Visit http://www.commodon.com to learn about the "Threats to Your
Security on the Internet".
Anonymous
July 17, 2004 7:15:39 AM

Archived from groups: comp.security.firewalls (More info?)

"dot_txt" <dot_txt@hotmail.com> wrote in message
news:228cf51.0407161120.5e104c6b@posting.google.com...
> Jp has plenty of info.. obviously he wants to seperate a computer from
> the rest of the lan hes on.. via somthing easy like computername
> handed out via a dns server.. since he mentions that the comp names
> cannot be changed b/c of dns the names would be listed as
> comp1.mylocaldomain.com which is not easy to spoof on a domain
> considering that he probably has the names locked. i think theres
> plenty of info here.. since this is said to be a windows network
> iptables would not work as well because there might be more than one
> net admin and they might have no idea how to configure and update ip
> tables.. so a windows firewall is probably required.. since its on a
> lan mac / comp names / a combiantion of the 2 would be best.. though
> it is possible to spoof comp name and mac it will be another level of
> security to get passed. if coupled with an ids that is configured
> mainly for windows exploits and DoS attacks. as well as invalid name
> detection it could prove highly useful.. so please stop bitching about
> not having info..

If he's looking to implement a firewall between his PC and the rest of
the LAN, piece of cake. I can offer an SMLI bridge-based firewall that
runs on Windows NT/2000 and can be configured to allow/deny based upon
MAC, as well as IP. Unfortunately I think I read in one of his posts
that he's looking for something that's free? If so, sorry what I have
to offer is not free.

--
Best regards, from Don Kelloway of Commodon Communications
Visit http://www.commodon.com to learn about the "Threats to Your
Security on the Internet".
July 17, 2004 2:55:10 PM

Archived from groups: comp.security.firewalls (More info?)

JP wrote:

> "Mike" <mike@notherematey.com> wrote in message news:<cd9ka0$r33$1@thorium.cix.co.uk>...
>
>>"dot_txt" <dot_txt@hotmail.com> wrote in message
>>news:228cf51.0407161120.5e104c6b@posting.google.com...
>>
>>>Jp has plenty of info.. obviously he wants to seperate a computer from
>>>the rest of the lan hes on.. via somthing easy like computername
>>>handed out via a dns server.. since he mentions that the comp names
>>>cannot be changed b/c of dns the names would be listed as
>>>comp1.mylocaldomain.com which is not easy to spoof on a domain
>>>considering that he probably has the names locked. i think theres
>>>plenty of info here.. since this is said to be a windows network
>>>iptables would not work as well because there might be more than one
>>>net admin and they might have no idea how to configure and update ip
>>>tables.. so a windows firewall is probably required.. since its on a
>>>lan mac / comp names / a combiantion of the 2 would be best.. though
>>>it is possible to spoof comp name and mac it will be another level of
>>>security to get passed. if coupled with an ids that is configured
>>>mainly for windows exploits and DoS attacks. as well as invalid name
>>>detection it could prove highly useful.. so please stop bitching about
>>>not having info..
>>
>>And your suggested solution is?...........
>
>
> So, now you're bitching about suggestions? First, it was that there was
> not enough info. And now that it has been established that I have
> had enough info in the first place, you're going to switch your story
> and ask everyone what their solution is?

Oh do stop crying please.
July 17, 2004 2:55:11 PM

Archived from groups: comp.security.firewalls (More info?)

Mike <info@michaelmoyse.co.uk> wrote in message news:<cdat5h$ctm$1@thorium.cix.co.uk>...
> JP wrote:
>
> > "Mike" <mike@notherematey.com> wrote in message news:<cd9ka0$r33$1@thorium.cix.co.uk>...
> >
> >>"dot_txt" <dot_txt@hotmail.com> wrote in message
> >>news:228cf51.0407161120.5e104c6b@posting.google.com...
> >>
> >>>Jp has plenty of info.. obviously he wants to seperate a computer from
> >>>the rest of the lan hes on.. via somthing easy like computername
> >>>handed out via a dns server.. since he mentions that the comp names
> >>>cannot be changed b/c of dns the names would be listed as
> >>>comp1.mylocaldomain.com which is not easy to spoof on a domain
> >>>considering that he probably has the names locked. i think theres
> >>>plenty of info here.. since this is said to be a windows network
> >>>iptables would not work as well because there might be more than one
> >>>net admin and they might have no idea how to configure and update ip
> >>>tables.. so a windows firewall is probably required.. since its on a
> >>>lan mac / comp names / a combiantion of the 2 would be best.. though
> >>>it is possible to spoof comp name and mac it will be another level of
> >>>security to get passed. if coupled with an ids that is configured
> >>>mainly for windows exploits and DoS attacks. as well as invalid name
> >>>detection it could prove highly useful.. so please stop bitching about
> >>>not having info..
> >>
> >>And your suggested solution is?...........
> >
> >
> > > So, now you're bitching about suggestions? First, it was that there was
> > > not enough info. And now that it has been established that I have
> > > had enough info in the first place, you're going to switch your story
> > > and ask everyone what their solution is?
>
> Oh do stop crying please.

What's the matter, found out you're wrong finally?
Anonymous
July 17, 2004 10:01:40 PM

Archived from groups: comp.security.firewalls (More info?)

> I only asked him for some more information and he went off the deep end.
>
> My /dev/null is right between /dev/mouse@ and /dev/port
>
> Must create a /dev/plonkers device sometime


I must admit /dev/plonkers is a good one.. but please forward all
messages to dev/null from here on unless you have any other useful
suggestions
Anonymous
July 18, 2004 2:18:19 PM

Archived from groups: comp.security.firewalls (More info?)

dot_txt wrote:

>Jp has plenty of info..

There's plenty of info in your headers. Look into them before you try
to pretend to be someone else. It's called "sock puppets" or
"socking". You're not very good at it. Much in the same way you try
to elicit help.
July 18, 2004 10:54:36 PM

Archived from groups: comp.security.firewalls (More info?)

JP wrote:

> What's the matter, found out you're wrong finally?
No, just bored with your constant whining. Why don't you just put all
that effort into providing a bit of detail about your problem?
July 20, 2004 8:53:15 PM

Archived from groups: comp.security.firewalls (More info?)

JP wrote:

> Does anyone know of a free firewall that will allow inbound
> connections based on the remote computer's name, mac, and/or IP? (not
> so much the IP as the name/mac).
>
> The outbound connections do not have to be monitored and all other
> computers that try to access the system that has the firewall and is
> not in an authorized list should be blocked.
>
> Thanks.

I think I understand now. Your request is related to your other post in
comp.os.ms-windows http://makeashorterlink.com/?R2F0629D8 is it not?

In there you want to make your DHCP server secure so that it only gives
out IP addresses to machines that you determine can have an IP. Your
approach of using a firewall is both innovative and novel!

You have spotted a security deficiency that many manufacturers have now
targeted. At a recent Network Associates briefing I was chatting to one
of the guys about this very issue. They are working with some switch
vendors to build this sort of functionality right into the hardware.
There are also some white papers floating around on the subject but I
can't find anything useful.

In the meantime I know it's a pain in the arse but fixing everything by
MAC address seems to be the only option. :-(


--

------------------------------------

Real email to mike. The header email is a spam trap and you will be
blacklisted,
submitted to anti-spam sites and probably burn in hell.
Anonymous
August 3, 2004 10:17:09 PM

Archived from groups: comp.security.firewalls (More info?)

On Tue, 20 Jul 2004 at 15:53 GMT, Mike <honey@michaelmoyse.co.uk> spewed
into the usenet group comp.security.firewalls:
> JP wrote:
>
>> Does anyone know of a free firewall that will allow inbound
>> connections based on the remote computer's name, mac, and/or IP? (not
>> so much the IP as the name/mac).
>>
>> The outbound connections do not have to be monitored and all other
>> computers that try to access the system that has the firewall and is
>> not in an authorized list should be blocked.
>>
>> Thanks.
>
> I think I understand now. Your request is related to your other post in
> comp.os.ms-windows http://makeashorterlink.com/?R2F0629D8 is it not?
>
> In there you want to make your DHCP server secure so that it only gives
> out IP addresses to machines that you determine can have an IP. Your
> approach of using a firewall is both innovative and novel!

Not when you realise that the MAC can be changed. It is much easier to do
this type of locking on the switch itself.
Any modern switch with SNMP capabilities, VLAN and 802.1q support can
probably be used for such scenarios.

Assign a static ARP table to the switch, control this via SNMP v3.
The user authenticates via 802.1q, and then the switch is ACLed and VLANed
via SNMP based on login information so that the end user gets access to a
limited set of resources.

Devdas Bhagat