Not sure about Macs, but usually the wireless client has that feature
builtin. For e.g. Funk Odyssey automatically turns off wireless as
soon as wired connection is detected.
Saqib Ali
http://www.full-disk-encryption.net
On 5/30/07, James Poland <jwpoland (at) u.washington (dot) edu [email concealed]> wrote:
> I recently encountered an unusual situation where a firewall logged
> dropped packets where both the source and destination addresses were
> outside of my subnet. The logs clearly showed a port scan. Some
> investigation revealed that a user with a Mac laptop had connected to
> the wired subnet while their Airport wireless card was connected to
> our external wireless network. The port scan occurred over the
> wireless network. However, it appears that the ACK/RST packets that
> were sent in response to the port scan were forwarded to all
> interfaces, including the wired interface, and as such routed to the
> border device.
>
> I'm not familiar enough with Mac OS X to know if there's a quick and
> easy way to disable the wireless interface when a wired connection is
> made. I'd guess that inserting a command such as "ifconfig en1 down"
> in a script that fires off when the wired connection is made would do
> the trick, but I can't find such a script. Any ideas? Other methods?
> o/s is 10.4.9.
>
> Thanks.
>
> jp
>
>
builtin. For e.g. Funk Odyssey automatically turns off wireless as
soon as wired connection is detected.
Saqib Ali
http://www.full-disk-encryption.net
On 5/30/07, James Poland <jwpoland (at) u.washington (dot) edu [email concealed]> wrote:
> I recently encountered an unusual situation where a firewall logged
> dropped packets where both the source and destination addresses were
> outside of my subnet. The logs clearly showed a port scan. Some
> investigation revealed that a user with a Mac laptop had connected to
> the wired subnet while their Airport wireless card was connected to
> our external wireless network. The port scan occurred over the
> wireless network. However, it appears that the ACK/RST packets that
> were sent in response to the port scan were forwarded to all
> interfaces, including the wired interface, and as such routed to the
> border device.
>
> I'm not familiar enough with Mac OS X to know if there's a quick and
> easy way to disable the wireless interface when a wired connection is
> made. I'd guess that inserting a command such as "ifconfig en1 down"
> in a script that fires off when the wired connection is made would do
> the trick, but I can't find such a script. Any ideas? Other methods?
> o/s is 10.4.9.
>
> Thanks.
>
> jp
>
>
--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net
[ reply ]