Hi all, I did not read the beginning of this thread, and I don't know if this has been said before, so forgive me if it's irrelevant: I highly suggest you use arpwatch. It's a daemon that monitors MAC/IP on a network, and can notify the administrator when something changes. If you want to force the MAC for an IP, use "arp -f /etc/ethers" (man arp). Iptables does the same thing with MAC matching, but using arp with a fixed table is "the proper thing to do" (tm). I hope this helps. Regards, Sylvain On Mar 31 mai 2005 13:17, Krystian Antoni a écrit : > for user verification pptp can be used. its free :-) > > On 5/31/05, cristian_dimache@xxxxxxxxx <cristian_dimache@xxxxxxxxx> wrote: >> >> Yes, I have this problem too. And I came up with two ideas: one money >> comsuming, one time consuming. >> >> Money comsuming: get management switches everywhere, and limit MAC >> learning per port. My network amounts to 500+ stations, over a preety >> wide >> area (all on ethernet), costs evaluated at 30.000$. Rather expensive, >> ha? >> >> Time consuming: get into every windows workstation a program that alows >> network connection if MAC is unchanged from the one stored localy in an >> encrypted file. >> >> Boss evaluated my ideas, and, guess what? I am now working on the >> program >> described above. >> >> It will be publicly available, of course... >> >> > On Mon, 30 May 2005 20:41:20 +0200 Konrad <kcem@xxxxxxx> wrote: >> > >> >>Is any way to detect changed MAC adresses? >> > I have been working on this for some time. You can try the current >> > version: >> > http://shurdeek.routehat.org/tmp/dhcpwatch2.pl >> > >> > (please don't ask how it works, I'm pretty busy now :-)). >> > >> >>Someone taught change MACs peoples in my network and I have problems. >> > Yeah I know, I have seen this too. >> > >> >>E.g. Two computers working on one MAC, and one IP (static ARP and >> DHCP). >> > Exactly. >> > >> >>WinXP is screaming some message... that two computers or more have the >> >>same IP. >> > Actually this happens when people use the same IP but a *different* >> MAC. >> > >> > Yours sincerely, >> > Peter >> > _______________________________________________ >> > LARTC mailing list >> > LARTC@xxxxxxxxxxxxxxx >> > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >> > >> >> >> _______________________________________________ >> LARTC mailing list >> LARTC@xxxxxxxxxxxxxxx >> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >> > > > > -- > Mi³ego Dnia > Krystian Antoni > _______________________________________________ > LARTC mailing list > LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
