Re: Prevent\Detect Dual Homing


Aaron Leonard wrote:
~ It is possible to bridge wireless and wired NIC in XP. Thus, this is
~ why we want a script that disable the wireless NIC and left the wired
~ NIC active.
~
~ Any out there can help. Thanks
~
~ happy.ppp wrote:
~ > Do anyone know of any script that tweak the registry to disable the
~ > wireless NIC when both the wired and wireless NIC is detected.
~ >
~ > Pls advise and thanks.
~ >
~ >
~ > happy.ppp wrote:
~ > > You does this by using route metric. However, for directly connected
~ > > subnet of wireless NIC, you shall goes via the wireless NIC instead of
~ > > the wired NIC. We want everything to goes thru the wired NIC and
~ > > disable the wireless NIC in total.
~ > >
~ > >
~ > > Merv wrote:
~ > >
~ > > > If not Windows XP, set the interface route metrics so that the wired
~ > > > interface has a lower metric
If you have Cisco switches, then turn on BPDU guard on the wired access
ports. Then when the XP user configures bridging and turns on both wireless
and wired adapters, the switch will shut down the port to the wired adapter.
Not exactly what you're asking for, but it will at least thwart the
bridging.

Aaron

Yes!!!

This is the key.

However, you do not need to rely on BPDU guard (I don't think)

Aaron, why will the wired adaptor lose in this situation?

You may be able to arrange the STP parameters
to get the results that you want.

In Spanning Tree Protocol the most important thing
is the root path cost so by varying the interface costs
you should be able to get what you want. One
way or another.

You will probably find that you have to turn off portfast
which will result in additional delay when ports come up
but with modern switches you will be able to tune the timers.

Post the topology ascii art or a link to a diagram
and maybe something can be suggested.

.

Relevant Pages

  • Re: startup postgresql 9.0.3
    ... I've been trying to get postgresql to start on bootup using ... This script is not in rc.subr format, looks a tad "Linuxy" at first glance. ... the ports build output. ... a sysadmin I make it a point to not shoot myself in the foot. ...
    (freebsd-questions)
  • Re: Problem with script to add printers ports, need help.
    ... >> first want to add the printer ports but I am running into a problem. ... >> Just for the heck of it I ran the template script from the script center and ... > and ports on local and remote computers. ... > Instrumentation scripts in Windows Server 2003, ...
    (microsoft.public.windows.server.scripting)
  • Re: [Full-disclosure] Brute force attack - need your advice
    ... But please state a config that someone with experience can not get into, is more of a point that security is ever evolving. ... Yup it is security by obscurity and it will help against a script kiddie that won't take the time to scan all ports, thats why I suggested move to a high non-standard port. ... I'm not talking about downloading blacklists but dynamic firewall rules and scripting to achieve a dynamic list based on ranking of attacks against the box. ...
    (Full-Disclosure)
  • Re: portupgrade script problem
    ... >I have a script I am running to update my ports. ... While many of us do run a nightly cron job to upgrade the ports tree, ...
    (comp.unix.bsd.freebsd.misc)
  • Re: allowing ordinary users to open privileged ports
    ... Creating a setuid shell script creates a major security hole. ... allowing ordinary users to open privileged ports ... > server application using the ports specified at configuration. ... > client shares the server application's port settings. ...
    (Focus-SUN)