In article <1183990032.207562.283240@w3g2000hsg.googlegroups.com>, David Schwartz wrote:
> The Internet worked quite well without the world wide web too.
Agreed, it was a much better place.
--
Roger Blake
(Subtract 10s for email.)
This is a discussion on ipv6 - 16 byte?? - Networking
On Jul 9, 5:46 am, Roger Blake wrote:
> I find that NAT works quite well,
The Internet worked quite well without the world wide web too.
> and from a security standpoint certainly
> it is a good thing to have an IP address that is not completely exposed
> to the internet.
You can do precisely the same filtering of inbound traffic and
connections with or without NAT. However, with NAT it is much harder
to allow inbound TCP connections or peer-to-peer traffic.
DS
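The point made in the post above, as an added example that is not part of the original thread: a toy stateful border device run once with NAT and once with plain routing. The `Border` class, `compare()` and every address and port are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Border:
    """Toy stateful border device. nat=True models NAPT, nat=False plain routing."""
    nat: bool
    public_ip: str = "203.0.113.1"                # constructed sample address
    pinholes: set = field(default_factory=set)    # routed: allowed (host, port)
    forwards: dict = field(default_factory=dict)  # NAT: public port -> (host, port)
    flows: dict = field(default_factory=dict)     # connection-tracking table
    next_port: int = 40000

    def outbound(self, src, sport, dst, dport):
        """Record an inside-initiated flow; return (addr, port) seen on the wire."""
        wire = (src, sport)
        if self.nat:
            wire = (self.public_ip, self.next_port)
            self.next_port += 1
        self.flows[(dst, dport, *wire)] = (src, sport)
        return wire

    def inbound(self, src, sport, dst, dport):
        """Return the inside (host, port) that receives the packet, or None (drop)."""
        if (src, sport, dst, dport) in self.flows:   # reply to a tracked flow
            return self.flows[(src, sport, dst, dport)]
        if self.nat:                                 # new flow: needs a port forward
            return self.forwards.get(dport) if dst == self.public_ip else None
        return (dst, dport) if (dst, dport) in self.pinholes else None

def compare():
    """Run the same traffic through a NAT border and a routed (no-NAT) border."""
    out = {}
    for name, fw, hosts, peer in (
        ("nat", Border(nat=True), ("192.168.1.10", "192.168.1.11"), "198.51.100.7"),
        ("routed", Border(nat=False), ("2001:db8:1::10", "2001:db8:1::11"), "2001:db8:f::7"),
    ):
        a, b = hosts
        wire = fw.outbound(a, 51000, peer, 443)
        reply = fw.inbound(peer, 443, *wire)             # solicited reply
        probe_dst = fw.public_ip if fw.nat else a
        probe = fw.inbound(peer, 4444, probe_dst, 22)    # unsolicited probe
        # Now deliberately open port 22 towards both inside hosts.
        if fw.nat:
            fw.forwards[22] = (a, 22)    # one public port maps to one inside host
            open22 = [fw.inbound(peer, 4444, fw.public_ip, 22) for _ in hosts]
        else:
            fw.pinholes |= {(a, 22), (b, 22)}
            open22 = [fw.inbound(peer, 4444, h, 22) for h in hosts]
        out[name] = {"reply": reply, "probe": probe, "open22": open22}
    return out
```

Both borders deliver the reply and drop the unsolicited probe; once port 22 is opened, the routed border reaches each host on its own address, while the NAT border sends every connection to the one host named in the forward.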
ArameFarpado wrote:
> Even the easter bunny can see your mac-address if it knows your ip.
Only if he is on the same side of the router. Or is allowed to query
the ARP tables on your router.
rick jones
--
denial, anger, bargaining, depression, acceptance, rebirth...
where do you want to be today?
these opinions are mine, all mine; HP might not want them anyway...
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...
On Monday, 9 July 2007 19:05, Rick Jones wrote:
>> Even the easter bunny can see your mac-address if it knows your ip.
>
> Only if he is on the same side of the router. Or is allowed to query
> the ARP tables on your router.
>
> rick jones
Don't you put too much faith in that...
ArameFarpado wrote:
> On Monday, 9 July 2007 19:05, Rick Jones wrote:
> >> Even the easter bunny can see your mac-address if it knows your ip.
> >
> > Only if he is on the same side of the router. Or is allowed to
> > query the ARP tables on your router.
> Don't you put too much faith in that...
Given that I'm not worried about my world ending if someone knows the
MAC addresses of my systems... That being said, I am curious to learn
how MAC addresses are going to propagate through layer 3 devices. Or
are you referring to insecurities on the systems themselves?
rick jones
--
oxymoron n, Hummer H2 with California Save Our Coasts and Oceans plates
these opinions are mine, all mine; HP might not want them anyway...
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...
On Monday, 9 July 2007 19:48, Rick Jones wrote:
> Given that I'm not worried about my world ending if someone knows the
> MAC addresses of my systems...
And you are right
> That being said, I am curious to learn
> how MAC addresses are going to propagate through layer 3 devices. Or
> are you referring to insecurities on the systems themselves?
I don't know how to do it, but I've seen guys fooling mac-address filters of
routers to gain access to private wireless networks.
ArameFarpado wrote:
> I don't know how to do it, but I've seen guys fooling mac-address
> filters of routers to gain access to private wireless networks.
Hmm, what sort of "routers" are we talking about here? Classic
Routers, or are we talking about "home routers" those
egg-laying-wooly-milk-pig mishmashes of switch, NAT, firewall, router
and wireless? I'm guessing the latter, with those guys operating on
the "same" side of the "router" (the wireless net) rather than on the
"far" side of the router. That though is simply pure speculation on
my part though.
rick jones
--
portable adj, code that compiles under more than one compiler
these opinions are mine, all mine; HP might not want them anyway...
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...
On Monday, 9 July 2007 20:52, Rick Jones wrote:
> Hmm, what sort of "routers" are we talking about here? Classic
> Routers, or are we talking about "home routers" those
> egg-laying-wooly-milk-pig mishmashes of switch, NAT, firewall, router
> and wireless?
Don't know, I didn't see the router, but I guess it was a home wireless
router.
> I'm guessing the latter, with those guys operating on
> the "same" side of the "router" (the wireless net) rather than on the
> "far" side of the router. That though is simply pure speculation on
> my part though.
They were in the wireless area of the access point, yes.
I'm just not too faithful that a MAC cannot be read from another point...
I've seen some weird stuff, especially done by high school guys.
I've got a nephew that doesn't know much about computers, but he knows ways to
bring down firewalls using weird programs from remote points on the
internet. He and his friends hold a huge collection of programs like nukes,
sniffers, war irc-scripts, password-crackers and other stuff...
I guess there is always a way...
Regards
ArameFarpado coughed up some electrons that declared:
> On Monday, 9 July 2007 19:48, Rick Jones wrote:
>
>> Given that I'm not worried about my world ending if someone knows the
>> MAC addresses of my systems...
> And you are right
>
>> That being said, I am curious to learn
>> how MAC addresses are going to propagate through layer 3 devices. Or
>> are you referring to insecurities on the systems themselves?
> I don't know how to do it, but I've seen guys fooling mac-address filters
> of routers to gain access to private wireless networks.
It's not very hard...
If they are connecting to the WIFI network, then they are automatically
within the same subnet. Given that the WIFI security is a MAC address
filter, we will assume no further encryption. So anyone can see every
packet.
Now one runs a simple scanner, e.g. tcpdump, on the WIFI interface and notes
the MAC address of other devices that appear to be happily engaged in
conversation.
Now re-configure your NIC to the same MAC address as someone else and you
are in.
The bizarre thing is that you *can* get away with running two duplicated
MACs on two different NICs simultaneously and, for TCP connections, the TCP
error handling sorts everything out well enough.
I've built two of these WIFI MAC-filter systems, one home and one large site
(with 2 colleagues). It is well known they are insecure, but they were
necessary due to the large number of handheld devices in use (does
everything support WPA? Or even WEP? etc...). It was considered "good
enough" for the job in hand, and cut the use of the network down from every
passerby to probably a few more persistent folk who could be bothered to do
the above, which was fine by us.
Cheers
Tim
On Sat, 7 Jul 2007 08:52:39 +0200 toni wrote:
| ipv4 it's a *little bit* too small (only approx 4.000.000.000 hosts... )
|
| ipv6, 128 bit, approx
| 1.000.000.000.000.000.000.000.000.000.000 hosts
| 1.000.000.000.000 <- this is a trillion
Closer to 340.282.366.920.938.463.463.374.607.431.768.211.456 if you do
not consider the addressing structure. Portions of the address space are
divided up for specific kinds of usage. 2000::/3 is for global addresses
for 42.535.295.865.117.307.932.921.825.928.971.026.432 total hosts ... if
everyone who gets a connection uses 18.446.744.073.709.551.616 of them.
Apparently the US government gets a whole /16 which means they can have
up to 281.474.976.710.656 subnets of up to 18.446.744.073.709.551.616 hosts.
| It's only my opinion, or ipv6 is a little bit *expensive* and *wasteful*?
It might seem so. But it's a structure designed for a lot of flexibility
as well as leaving space available for future unanticipated needs for
special kinds of addresses.
--
I'm glad the Romans didn't invent the internet. I would
hate to have IP addresses like cxcii.clxviii.vii.xxxi.