From: [EMAIL PROTECTED] > Authenticated MACs are converted to an IP address, using > dhcpd.leases > to do the lookup. Then, as a double check, it will use the > ARP cache > to confirm that the IP and the MAC match up, so users can't steal > access from a stale IP somewhere. If a user picks a static IP, they > won't have an entry in dhcpd.leases, so they won't get access. > > What I'm looking for is a simple way to pull an IP/MAC combination > out of a dhcpd.leases file, or a reasonably sized dhcpd.leases file > that I can test a parser on. Can anybody help out here? > > Also, does this system sound reasonable or sensible? All comments > welcome.
Neither reasonable nor sensible from a security standpoint. Authenticating based on MAC addresses is like authenticating someone on the pretense of them wearing a blue shirt. It's not a strong authenenticator and it can be changed easily. WPA/802.1x handles this sort of thing much better, as does authpf and IPsec and ... and ... DS
