[CentOS] RADIUS
hw
hw at gc-24.de
Fri Feb 23 12:45:19 UTC 2018
Richard Grainger wrote:
> On Fri, Feb 23, 2018 at 11:25 AM, hw <hw at gc-24.de> wrote:
>
>> But MAC addresses can be faked, can´t they?
>
> Yes, someone can go to the trouble of obtaining a known corporate MAC
> address and MAC-spoofing their personal device so they can PXE-boot a
> corporate build on a VLAN that is otherwise useless. If your
> corporate build on it's own is precious enough in itself that you
> worry about this eventuality, then make the build server insist on
> authentication before the build initiates.
What´s the point in designing a security measure intended to prevent
unauthorized network access in such a way that it can be as easily
circumvented as it is to fake MAC addresses?
More information about the CentOS
mailing list