[unisog] Wired and wireless nic's on a student machine

Phillip G Deneault deneault at WPI.EDU
Mon Aug 18 14:39:43 GMT 2003


> One thing to keep in mind is that if users are running M$ XP Home
> edition, there is a possibility of "automatic" bridging between the two
> devices (networks) which is very likely to create a network loop.  Of
> course the dual profiles will help to mitigate this, but it is rather
> annoying to have to logout/reboot (from the student perspective) to
> switch between the networks.
> 
> Thanks,
> Jeff
> 
> --
> Jeff Bollinger, CISSP
> University of North Carolina
> IT Security Analyst
> 105 Abernethy Hall
> mailto: jeff @unc dot edu

In the dorms, to prevent kids from doing this we utilize MAC address
security.  It forces kids to only use the ports they are registered for,
it keeps them from playing around because they are frightened the switches
will lock their ports, and if foreign MAC appear the ports lock out which
catches network bridges, packet forgers, wireless access points, and the 
occasional misconfigured NAT box.

Phil

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Phil Deneault     "We work in the dark, We do what we can,
deneault at wpi.edu   We give what we have. Our doubt is our passion,
WPI NetOps         and our passion is our task. The rest is the
InfoSec            madness of art." - Henry James
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-





More information about the unisog mailing list