On 1/13/11 9:11 PM, Jeremy Wood wrote: > I'm curious how those of you worried about MAC address spoofing address > the spoofing of user agents to get a device to appear as another. From > my understanding, you need to disable the Java/Active X applet > requirement for a login page in order for the devices that can't load > them to use the web login. In doing so you become completely dependent > on the user agent to determine the OS of the machine and IMO that's much > easier than a MAC to spoof.
You use MAC address identification for these devices in a role strictly limited - there's no reason an XBox needs to see Blackboard, email, printers, other useful campus resources. To provide iPhones such access you could in turn require VPN to get into the general network. If someone wants to spoof such a device, their options should be limited and their ability to do damage slight. -- Best regards -- Cal Frye, Network Administrator, Oberlin College Mudd Library, x.56930 -- CIT will NEVER ask you for your password! www.calfrye.com, www.oberlin.edu/cit/ "That in our days such pygmies cast such giant shadows only shows how late in the day it is become" -- Erwin Chargaff.
