Focus on Apple
Prevent wireless to wired bridging May 31 2007 12:17AM
James Poland (jwpoland u washington edu) (3 replies)
Re: Prevent wireless to wired bridging Jun 06 2007 01:48AM
Ted Bedwell (ted bedwell sourcefire com)
Re: Prevent wireless to wired bridging Jun 02 2007 03:08AM
Chris Pepper (pepper reppep com)
Re: Prevent wireless to wired bridging May 31 2007 10:10PM
Ali, Saqib (docbook xml gmail com)
Not sure about Macs, but usually the wireless client has that feature
builtin. For e.g. Funk Odyssey automatically turns off wireless as
soon as wired connection is detected.

Saqib Ali
http://www.full-disk-encryption.net

On 5/30/07, James Poland <jwpoland (at) u.washington (dot) edu [email concealed]> wrote:
> I recently encountered an unusual situation where a firewall logged
> dropped packets where both the source and destination addresses were
> outside of my subnet. The logs clearly showed a port scan. Some
> investigation revealed that a user with a Mac laptop had connected to
> the wired subnet while their Airport wireless card was connected to
> our external wireless network. The port scan occurred over the
> wireless network. However, it appears that the ACK/RST packets that
> were sent in response to the port scan were forwarded to all
> interfaces, including the wired interface, and as such routed to the
> border device.
>
> I'm not familiar enough with Mac OS X to know if there's a quick and
> easy way to disable the wireless interface when a wired connection is
> made. I'd guess that inserting a command such as "ifconfig en1 down"
> in a script that fires off when the wired connection is made would do
> the trick, but I can't find such a script. Any ideas? Other methods?
> o/s is 10.4.9.
>
> Thanks.
>
> jp
>
>

--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus