This is just wrong: MS security chief becomes DHS cybersecurity boss

  • Thread starter Thread starter Virus Guy
  • Start date Start date
Sure I would, you're the idiot that claims that Windows is not secure.

I know home users that have run for years without AV software and with
nothing more than a simple NAT router and their machines were clean of
all detectable malware when check.

So, which way do you want it - either Windows is the problem or the
people, like you, are the problem. I'm going with PEOPLE like you are
the problem.
Click to expand...


Uneducated users for whatever reson, are the problem. Proper policies and
security in place, accidents most likely won't happen until hardware
failure occurs.
 
From: "Dustin Cook" <[email protected]>




| Mine wouldn't. :) MAC filtering rules are in place. hehehehe.


Yeah, we have MAC filtering in place too.

PITA when I have to have a notebook motherboard replaced. Then I have to supply the MAC
and Machine name to the central IT group.
Click to expand...

MAC filtering? Is that an inside joke? :)
 
Char Jackson said:
MAC filtering? Is that an inside joke? :)
Click to expand...

MAC filtering:
From Wikipedia, the free encyclopedia
In computer networking, MAC Filtering (or EUI filtering, or layer 2
address filtering) refers to a security access control methodology
whereby the 48-bit address assigned to each network card is used to
determine access to the network.
MAC addresses are uniquely assigned to each card, so using MAC filtering
on a network permits and denies network access to specific devices
through the use of blacklists and whitelists. While the restriction of
network access through the use of lists is straightforward, an
individual person is not identified by a MAC address, rather a device
only, so an authorized person will need to have a whitelist entry for
each device that he or she would use to access the network.

-jen
 
MAC addresses are uniquely assigned to each card, so using MAC filtering
on a network permits and denies network access to specific devices
through the use of blacklists and whitelists. While the restriction of
network access through the use of lists is straightforward, an
individual person is not identified by a MAC address, rather a device
only, so an authorized person will need to have a whitelist entry for
each device that he or she would use to access the network.
Click to expand...

While MAC addresses are uniquely "Assigned" many devices permit the user
to change the MAC address.
 
While MAC addresses are uniquely "Assigned" many devices permit the
user to change the MAC address.
Click to expand...

Yes, but you don't know the allowed MAC addresses programmed into the
router. You'd need to know that and several other things before you'd have
any access of any sort. :)
 
Yes, but you don't know the allowed MAC addresses programmed into the
router. You'd need to know that and several other things before you'd have
any access of any sort. :)
Click to expand...

It's generally trivial to sniff traffic on a network segment (wired if
you have physical access, or better yet wireless if available) to see
which MAC addresses are allowed. When an allowed MAC goes quiet, clone
it and you're in. Easy, peasy.

In security circles, I thought it was widely known and accepted that
MAC address filtering only provides a false sense of security. It
tends to be more inconvenient for the legitimate user than to the
rogue visitor since it's so easily bypassed.
 
It's generally trivial to sniff traffic on a network segment (wired if
you have physical access, or better yet wireless if available) to see
which MAC addresses are allowed. When an allowed MAC goes quiet, clone
it and you're in. Easy, peasy.

In security circles, I thought it was widely known and accepted that
MAC address filtering only provides a false sense of security. It
tends to be more inconvenient for the legitimate user than to the
rogue visitor since it's so easily bypassed.
Click to expand...

You intend to packet sniff an encrypted network? Well, have fun doing it.
 
Bingo.
Click to expand...

True Enough... It's obviously not a perfect method of security and
shouldn't be used by itself. But, for layered defenses, it'll keep the
script kiddies at bay.
 
True Enough... It's obviously not a perfect method of security and
shouldn't be used by itself. But, for layered defenses, it'll keep the
script kiddies at bay.
Click to expand...

It's so trivial to bypass that I wouldn't say it will keep anyone at
bay, but it should slow someone down by a few minutes, and sometimes a
few minutes can be the difference between an attack and moving on to
someone else.
 
Back
Top