Re: about detecting different TTL value

Hello Cedric,

Cedric Blancher wrote:
On Wednesday, 03 May 2006 at 13:18 +0800, Thomas Kuiper wrote:

I think you want to filter with ebtables (like some cable ISPs do) based on the MAC address. TTL is not good for that.


1. You can spoof MAC address, there's no big deal about it, even on
Windows. Most SOHO routers have a "MAC cloning" functionality that
exactly does this.

You can spoof anything. :-) I just wanted to point out that MAC filtering is definitely better than being based on TTL.

2. ISP only sees router's MAC address, may be 1 or 20 hosts behind it.

ISPs that filter are bad and Ethernet isn't really designed to be secure for that. But that wasn't the question here. What's your solution?

Thomas

