From: /dev/rob0 (no email)
Date: Mon Sep 04 2006 - 08:19:06 EDT
On Monday 04 September 2006 04:24, Heinz Ulrich Stille wrote:
> > mynetworks = !192.168.0.5, !192.168.0.73, 192.168.0.0/24
> What do you want to achive? Don't you trust those machines or users?
> If so, what keeps them from using any other IP? If those hosts really
> are local, you'd need at least something like MAC-based filtering.
Um, it's trivial to spoof a MAC address. My laptop, for instance, uses
the same MAC whether connected via wireless or Ethernet. My home server
uses the MAC of an old 10Base-T card I haven't used in years on its
external interface (so I keep the same IP with the ISP.)
In many cases IP-based access is quite good enough, and in no cases is
MAC-based access much better.
-- Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header