Richard Grainger wrote: > On Fri, Feb 23, 2018 at 11:25 AM, hw <hw at gc-24.de> wrote: > >> But MAC addresses can be faked, can´t they? > > Yes, someone can go to the trouble of obtaining a known corporate MAC > address and MAC-spoofing their personal device so they can PXE-boot a > corporate build on a VLAN that is otherwise useless. If your > corporate build on it's own is precious enough in itself that you > worry about this eventuality, then make the build server insist on > authentication before the build initiates. What´s the point in designing a security measure intended to prevent unauthorized network access in such a way that it can be as easily circumvented as it is to fake MAC addresses?