Re: [squid-users] MAC bacsed ACL

From: hare ram <hareram@dont-contact.us>
Date: Wed, 19 Feb 2003 14:32:50 +0530

Hi

iam talking about all are in my LAN
they are in Private network pool.
they all are home based network people

i dont think they can chage the MAC address
that is the reason i have choosed the MAC bassed ACL
so they can not finger around using the other un used IP's

authentication is the problem
in home they are seval people who use the PC
so they keep call for passwords and user names

any other methods guide me

thanks
hare
----- Original Message -----
From: "Henrik Nordstrom" <hno@squid-cache.org>
To: "hare ram" <hareram@sol.net.in>
Cc: <squid-users@squid-cache.org>
Sent: Wednesday, February 19, 2003 1:00 PM
Subject: Re: [squid-users] MAC bacsed ACL

> And if you use MAC he can change to any free MAC address..
>
> The generally recommended identification method if IP is not
> sufficient is to use authentication. This way your access logs and
> access controls will show within reasonable doubt who the user really
> is.
>
> Regards
> Henrik
>
>
>
> On Wednesday 19 February 2003 06.54, hare ram wrote:
> > Hi Henrik
> >
> > You were saying the MAC based ACL is no so Secure
> > then what methode is secure,
> > if i does the the IP based Access List
> > User can change any free IP and Start Browsing, and other PC who
> > have the same IP will have IP conflict or so.
> >
> > what is the recomendation for the securing the access for the user
> > to use the same PC rather move or connect the LAN connection to
> > another PC
> >
> > suggetion will appriciate
> >
> > hare
> > ----- Original Message -----
> > From: "Henrik Nordstrom" <hno@squid-cache.org>
> > To: "hare ram" <hareram@sol.net.in>
> > Cc: <squid-users@squid-cache.org>
> > Sent: Tuesday, February 18, 2003 10:06 PM
> > Subject: Re: [squid-users] MAC bacsed ACL
> >
> > > Why are you using MAC based ACLs? MAC based acls are technically
> > > NOT more secure than IP based ACLs, only more complex to define
> > > as each MAC address is 12 hex numbers..
> > >
> > > 200 MAC addresses is not very many for Squid to manage. To ease
> > > management I would recommend putting them in a separate file and
> > > include this from squid.conf if you have not already done so.
> > >
> > > Regards
> > > Henrik
> > >
> > > tis 2003-02-18 klockan 16.45 skrev hare ram:
> > > > Hi all
> > > >
> > > > iam trying to make MAC based ACL, i have 200PC MAC based ACL,
> > > > looks very long,
> > > > does any one have alternative method to use this 200 MAC
> > > > address ACL in short
> > > >
> > > > thanks
> > > > hare
> > >
> > > --
> > > Henrik Nordstrom <hno@squid-cache.org>
> > > MARA Systems AB, Sweden
>
>
Received on Wed Feb 19 2003 - 01:51:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:28 MST