SUMMARY Re: SNOOP

From: Sri (nsriram@bani.com)
Date: Wed Jul 03 1996 - 13:31:01 CDT


Just like I had expected I was deluged with replies, some techy, some
tacky, some funny and some in the 4thJul spirit....
Here's the responses:

-------------------------------------------------------
> > Isin't there a way to stop someone stealing your IP address?

:: Nope. Your machine just has to have better IP performance.
   Martin Espinoza <drink@sei.com>

:: For Win95 users, you can get the Microsoft system policy editor and
:: restrict the users abilities to modify their PCs configuration. You can
:: get the SPE in the Win95 Resource Kit.
    Alex Finkel <afinkel@pfn.com>

:: My approach to this problem has been to always put PCs on a different
:: subnet from the UNIX systems that I'm responsible for. This way the
:: router blocks them out and so they cannot cause a problem in the
:: UNIX environment.
   Dave England <dengland@ivac.com>

:: Yes. Secure hubs. These hubs will only respond to a pre-set
:: MAC address and IP number on each port.
    Mark Bergman <bergman@phri.nyu.edu>

:: dump PC's and give your users Xterminals. run wincetner on an NT
:: server to supply windows applications. see if your users can change the
:: MAC address of their terminal!
:: Scott NcNealy says that pc's are the petri dishes of the internet. i
:: thnk he means that you have the general problem of users installing and
:: using software as well as changing settings and control information.
   Bert Shure <Bert_Shure%SOLSOURCE@notes.worldcom.com>

:: In short NO. Not unless you lock all users out of admin rights on all 95
:: NT and Unix machines. With out that anyone can borrow any IP address
   "Will Deutsch Jr." <sdeutsch@pcocd2.intel.com>

:: Another great command to use is arp
:: for example arp -a will list all of the IP's and associated MAC
:: addresses. Therefore
:: ping XXX.XXX.XXX.255 (the broadcast address) depending on your netmask
:: and arp -a will list every IP and MAC address that responded to thatPING.
   "Jon R. Ramsey" <ramsey@scr.siemens.com>

:: Yes, and this being America, it involves firearms. :)
   Wis Macomson <wis@sequent.com>

:: Yes there is, and it's the same way you stop people from stealing
:: your identity in real life.
:: You find them & stop them....select your favorite method :-
    Joe Gotobed <jgotobed@LPL.Arizona.EDU>
----------------------------------------------------------------------

Appears that a secure HUB on a *Unix Server's* only segment will be the
best solution (atleast in my case as Win crap.X, WineMpTy, Win95 install
base is quite large to worry about DHCP, although it seems promising!)
And Wis and Joe I haven't seen IDay4 <http://www.id4.com> yet! :)

Cheers...

--
 ___      _ _     _  _   _          _   _         
| _ ) ___| | |   /_\| |_| |__ _ _ _| |_(_)__  || N. Sriram (Sri)
| _ \/ -_) | |  / _ \  _| / _` | ' \  _| / _  || SysAdmin Dujor
|___/\___|_|_| /_/ \_\__|_\__,_|_||_\__|_\__| || Sri@Bani.COM
 N E T W O R K    I N T E G R A T I O N       || (610)993-6482                                  

Status: RO



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:03 CDT