How serious is the "small" security hole? John
----- Original Message ----- From: "Eje Gustafsson" <[EMAIL PROTECTED]> To: "John Banes" <[EMAIL PROTECTED]> Sent: Thursday, September 25, 2003 04:45 PM Subject: Re[2]: [smartBridges] AirBridges and Bridging. > Couldn't said it better myself. > > v2.8beta4 and higher have a fix that will allow you to basically > "disregard" the MAC address so you can have it working with units like > the aB and the WET11's however it opens up a small security hole. > > / Eje > > Thursday, September 25, 2003, 2:27:07 PM, you wrote: > > JB> Only PPPoE will work with both the AirBridge and the WET11. When you try to use the hotspot through the Airbridge it will substitute it's own MAC address for the client computers address. > > JB> Here is the short version of what is happening. Your computer requests an address from the DHCP server and uses it's own MAC Address. this is passed through the airbridge and the mikrotik assigns > JB> the address, enters it and your MAC address in the arp table and sends it back to your computer. Now you try to send a TCP/IP packet to the mikrotik and the airbridge replaces your MAC address > JB> with its own MAC address and when it gets to the Mikrotik the MAC address doesn't match what is in the arp table so the Mikrotik won't respond. The WET11 suffers from the same problem. > > JB> John ----------ANNOUNCEMENT---------- Don't forget to register for WISPCON IV http://www.wispcon.info/us/wispcon-iv/wispcon-iv.htm The PART-15.ORG smartBridges Discussion List To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname> To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges) Archives: http://archives.part-15.org
