Prevent wireless to wired bridging
May 31 2007
James Poland
I recently encountered an unusual situation where a firewall logged
dropped packets where both the source and destination addresses were
outside of my subnet. The logs clearly showed a port scan. Some
investigation revealed that a user with a Mac laptop had connected to
the wired subnet while their Airport wireless card was connected to
our external wireless network. The port scan occurred over the
wireless network. However, it appears that the ACK/RST packets that
were sent in response to the port scan were forwarded to all
interfaces, including the wired interface, and as such routed to the
border device.

I'm not familiar enough with Mac OS X to know if there's a quick and
easy way to disable the wireless interface when a wired connection is
made. I'd guess that inserting a command such as "ifconfig en1 down"
in a script that fires off when the wired connection is made would do
the trick, but I can't find such a script. Any ideas? Other methods?
The OS is 10.4.9.
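
The check the post describes, sketched as an added example that is not part of the original message: it reads `ifconfig` output and takes the wireless interface down only when the wired one has link and an address. The name en0 for the wired interface, the function names, and the sample output are assumptions; en1 is the name used in the post.

```shell
#!/bin/sh
# Assumed names: en0 = wired Ethernet, en1 = AirPort (en1 is from the post).
WIRED_IF="${WIRED_IF:-en0}"
WIRELESS_IF="${WIRELESS_IF:-en1}"

# Print the word after "status:" in ifconfig output read from stdin.
link_state() {
    awk '$1 == "status:" { print $2; found = 1; exit }
         END { if (!found) print "unknown" }'
}

# Succeed if the ifconfig output on stdin has an IPv4 address.
has_ipv4() { awk '$1 == "inet" { ok = 1 } END { exit !ok }'; }

# Succeed if the flags line on stdin lists UP.
is_up() { grep -Eq 'flags=[0-9a-f]+<([A-Z0-9_]+,)*UP[,>]'; }

# decide WIRED_TEXT WIRELESS_TEXT: print "down" when the wired side has link
# and an address while the wireless interface is still up, else "keep".
decide() {
    if [ "$(printf '%s\n' "$1" | link_state)" = "active" ] &&
       printf '%s\n' "$1" | has_ipv4 &&
       printf '%s\n' "$2" | is_up; then
        echo down
    else
        echo keep
    fi
}

# Constructed sample ifconfig output (documentation addresses), for dry runs.
SAMPLE_WIRED_ON='en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 192.0.2.10 netmask 0xffffff00 broadcast 192.0.2.255
    status: active'
SAMPLE_WIRED_OFF='en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    status: inactive'
SAMPLE_WIFI_UP='en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 198.51.100.20 netmask 0xffffff00 broadcast 198.51.100.255
    status: active'
SAMPLE_WIFI_DOWN='en1: flags=8822<BROADCAST,SMART,SIMPLEX,MULTICAST> mtu 1500
    status: inactive'

# Only touch real interfaces when asked to; taking en1 down needs root.
if [ "${1:-}" = "--apply" ]; then
    if [ "$(decide "$(ifconfig "$WIRED_IF")" "$(ifconfig "$WIRELESS_IF")")" = "down" ]; then
        ifconfig "$WIRELESS_IF" down
    fi
fi
```

Without `--apply` the script changes nothing, so `decide` can be tried against captured `ifconfig` output first. What triggers the script when the wired link comes up is left open here, as it is in the post.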



