Re: [smartBridges] Security and MAC cloning

[Colin Watson]

Title: RE: [smartBridges] Security and MAC cloning

You can authenticate clients via Radius, which (on the open systems implementation anyway) allows you to define 1 simoltanious use of that mac address. So unless a cloned unit attempted to connect when the other was offline (not normally as they are powered independantly of the PC) the unit will not be permitted to associate. Secondly, and I dont know if this is relevant to AirPoint products, we use Cisco AP's (SB's for the CPE), the Aironet 1220 has a web based interface that shows every assoication, the MAC and associated IP. You can manually disassociate/deauthenticate anyone connected. Coupled with RADIUS it makes a pretty effective deterant - for us at least.     ----- Original Message ----- From: phantam To: '[EMAIL PROTECTED]' Sent: Wednesday, July 16, 2003 6:32 PM Subject: RE: [smartBridges] Security and MAC cloning Bill have any info on if we can buy this unit is it expensive? Cause im planning a roll out quite wide and need a temporary solution. Chris -----Original Message----- From: Bill Flood [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 16, 2003 11:48 AM To: [EMAIL PROTECTED] Tim, We've developed a MAC/IP auth unit.  Seeing most people leave their external radios powered up all the time, if someone spoofs a MAC or a IP the unit will detect this and not allow traffic through.  It will also record their MAC/IP and the time.  Another feature of this product is a page reroute when they do a port 80 request.  The reroute will take them to our sign up page. At 11:20 AM 7/16/2003 -0400, you wrote: >http://www.isp-planet.com/fixed_wireless/business/2003/fastkat.html > >They're using YDI proprietary encryption. One can only assume it's better >than WEP. SB.. are you planning on adding any enhanced encryption? Or is >that only for the Nexus stuff? > >Also, they say they kick off pepole who clone MACs. Ummmm.. how exactly >does one detect a cloned MAC??? > >Tim Foster >www.AledoBroadBand.com >Aledo's only high-speed ISP > >The PART-15.ORG smartBridges Discussion List >To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe >smartBridges <yournickname> >To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe >smartBridges) >Archives: http://archives.part-15.org Bill Flood AirRunner Networks LLC --- We make the web fast! If you get tired of the wait call 715-443-3700! The PART-15.ORG smartBridges Discussion List To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) Archives: http://archives.part-15.org