Re: IPTABLES rule for separating users

On 3/20/11 5:39 PM, Chris Kloiber wrote:
> On 03/05/2011 03:58 AM, erikmccaskey64 wrote:
>> I have an OpenWrt 10.03 router [ IP: 192.168.1.1 ], and it has a DHCP 
>> server pool: 192.168.1.0/24 - clients are using it through 
>> wireless/wired connection. Ok!
>>
>> Here's the catch: I need to separate the users from each other.
>>
>> How I need to do it: by IPTABLES rule [ /etc/firewall.user ]. Ok!
>>
>> "Loud thinking": So I need a rule something like this [on the OpenWrt 
>> router]:
>>
>> - DROP where SOURCE: 192.168.1.2-192.168.1.255 and DESTINATION is 
>> 192.168.1.2-192.168.1.255
>>
>> The idea is this. Ok!
>>
>> Questions!
>> - Will I lock out myself if I apply this firewall rule?
>> - Is this a secure method? [ is it easy to do this?: hello, I'm a 
>> client, and I say, my IP address is 192.168.1.1! - now it can sniff 
>> the unencrypted traffic! :( - because all the clients are in the same 
>> subnet! ]
If you want to stop sniffing of the unencrypted traffic, then IPTables 
IS NOT THE WAY TO GO.  You should either remove the sniffer program or 
make it so that only users with root capabilities can run it (sudoers 
should not have the program in it.)
>> - Are there any good methods to find/audit for duplicated IP addresses?
>> - Are there any good methods to find/audit for duplicated MAC addresses?
arp should dump the entire cache.

There should be a method to do the same thing for IP addresses?

Looks like you have a larger problem than what you are looking at.  If 
you are a security specialist, then you should know all of the tools you 
have at your disposal to find and destroy the bad nasties in your own 
network (hint, if you are running a Linux based router, they are there.)

James McKenzie

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
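
The audit questions in the thread above (duplicated IP and MAC addresses) and the reply's pointer to the ARP cache, as an added example that is not part of the original messages: a shell script that reads an ARP table in the /proc/net/arp layout and reports MACs holding several IPs, and IPs whose MAC changed between two snapshots. The sample tables, the addresses and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. Both tables are constructed sample data in /proc/net/arp
# layout; on a live router pass "$(cat /proc/net/arp)" instead.

# Constructed earlier snapshot (192.168.1.12 is an incomplete entry).
ARP_BEFORE='IP address       HW type     Flags       HW address            Mask     Device
192.168.1.10     0x1         0x2         aa:bb:cc:00:00:10     *        br-lan
192.168.1.11     0x1         0x2         aa:bb:cc:00:00:11     *        br-lan
192.168.1.12     0x1         0x0         00:00:00:00:00:00     *        br-lan'

# Constructed later snapshot: .11 is now claimed by the MAC that also holds .10.
ARP_AFTER='IP address       HW type     Flags       HW address            Mask     Device
192.168.1.10     0x1         0x2         aa:bb:cc:00:00:10     *        br-lan
192.168.1.11     0x1         0x2         AA:BB:CC:00:00:10     *        br-lan
192.168.1.13     0x1         0x2         aa:bb:cc:00:00:13     *        br-lan'

# Print "mac ip1,ip2,..." for every MAC that appears with more than one IP.
macs_with_multiple_ips() {
    printf '%s\n' "$1" | awk '
        NR == 1 || $3 == "0x0" { next }   # header, incomplete entries
        {
            mac = tolower($4)
            ips[mac] = (n[mac]++ ? ips[mac] "," : "") $1
        }
        END { for (m in n) if (n[m] > 1) print m, ips[m] }' | sort
}

# Print "ip old_mac new_mac" for every IP whose MAC differs between snapshots.
ips_with_changed_mac() {
    {
        printf '%s\n' "$1" | sed 's/^/A /'   # tag rows of the older table
        printf '%s\n' "$2" | sed 's/^/B /'   # tag rows of the newer table
    } | awk '
        $2 == "IP" || $4 == "0x0" { next }   # header, incomplete entries
        $1 == "A" { old[$2] = tolower($5); next }
        ($2 in old) && old[$2] != tolower($5) { print $2, old[$2], tolower($5) }
    ' | sort
}

macs_with_multiple_ips "$ARP_AFTER"
ips_with_changed_mac "$ARP_BEFORE" "$ARP_AFTER"
```

A MAC that holds several IPs can be legitimate (a host with address aliases), so a hit is a lead to compare against the DHCP leases, not proof of spoofing.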
