RE: [squid-users] MAC bacsed ACL

From: SSCR Internet Admin <[email protected]>
Date: Wed, 19 Feb 2003 15:02:58 -0800

This has been the problem with win9x machine where they can freely
reconfigure everything. I used the policy editor for this where they dont
have access to the network configuration plus i barred them running regedit
and dos prompts. I guess thats enough for them stop messing around. With
your 200 users, well create a lock .REG file on a disk and run it on those
workstation, if you want to unlock it, create a unlock. REG file on disk.

-----Original Message-----
From: hare ram [mailto:hareram@sol.net.in]
Sent: Tuesday, February 18, 2003 10:42 PM
To: SSCR Internet Admin; Henrik Nordstrom
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] MAC bacsed ACL

Hi thanks for the suggestion

Lets take example

if X- have IP address 192.168.1.1
X is not Online and

Y - Try to use the same IP 192.168.1.1

he will get access, if X - want connect then they will be conflict right ?

how to solve this kind of problem

thanks
hare
----- Original Message -----
From: "SSCR Internet Admin" <admin@sscrmnl.edu.ph>
To: "hare ram" <hareram@sol.net.in>; "Henrik Nordstrom"
<hno@squid-cache.org>
Cc: <squid-users@squid-cache.org>
Sent: Thursday, February 20, 2003 3:55 AM
Subject: RE: [squid-users] MAC bacsed ACL

> This will be accomplished by making a pinpoint ACL ip address in a file
>
> Example:
>
> acl limited src "/etc/squid/limited"
>
> and inside limited file you can have
>
> 192.168.100.2/32
> .
> .
> .
> 192.168.xxx.yyy/32
>
>
> AND
>
> ACL full_access src "/etc/squid/full"
>
> xxx.xxx.xxx.xxx/32 and so on
>
>
> That would ease your problem, and if they change ip address, they will not
> have an access to the internet since you are not allowing an entire
network.
>
>
> Regards
> Nats
>
> -----Original Message-----
> From: hare ram [mailto:hareram@sol.net.in]
> Sent: Tuesday, February 18, 2003 9:55 PM
> To: Henrik Nordstrom
> Cc: squid-users@squid-cache.org
> Subject: Re: [squid-users] MAC bacsed ACL
>
>
> Hi Henrik
>
> You were saying the MAC based ACL is no so Secure
> then what methode is secure,
> if i does the the IP based Access List
> User can change any free IP and Start Browsing, and other PC who have the
> same IP will have IP conflict or so.
>
> what is the recomendation for the securing the access for the user to use
> the same PC rather move or connect the LAN connection to another PC
>
> suggetion will appriciate
>
> hare
> ----- Original Message -----
> From: "Henrik Nordstrom" <hno@squid-cache.org>
> To: "hare ram" <hareram@sol.net.in>
> Cc: <squid-users@squid-cache.org>
> Sent: Tuesday, February 18, 2003 10:06 PM
> Subject: Re: [squid-users] MAC bacsed ACL
>
>
> > Why are you using MAC based ACLs? MAC based acls are technically NOT
> > more secure than IP based ACLs, only more complex to define as each MAC
> > address is 12 hex numbers..
> >
> > 200 MAC addresses is not very many for Squid to manage. To ease
> > management I would recommend putting them in a separate file and include
> > this from squid.conf if you have not already done so.
> >
> > Regards
> > Henrik
> >
> >
> > tis 2003-02-18 klockan 16.45 skrev hare ram:
> > > Hi all
> > >
> > > iam trying to make MAC based ACL, i have 200PC MAC based ACL, looks
very
> > > long,
> > > does any one have alternative method to use this 200 MAC address ACL
in
> > > short
> > >
> > > thanks
> > > hare
> > --
> > Henrik Nordstrom <hno@squid-cache.org>
> > MARA Systems AB, Sweden
> >
> >
> ---
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.455 / Virus Database: 255 - Release Date: 2/13/2003
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.455 / Virus Database: 255 - Release Date: 2/13/2003
>
>

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.455 / Virus Database: 255 - Release Date: 2/13/2003
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.455 / Virus Database: 255 - Release Date: 2/13/2003
Received on Tue Feb 18 2003 - 23:57:49 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:13:28 MST