Prevent wireless to wired bridging May 31 2007 12:17AM
James Poland (jwpoland u washington edu) (3 replies)
Re: Prevent wireless to wired bridging Jun 06 2007 01:48AM
Ted Bedwell (ted bedwell sourcefire com)
Re: Prevent wireless to wired bridging Jun 02 2007 03:08AM
Chris Pepper (pepper reppep com)
At 12:17 AM +0000 2007/05/31, James Poland wrote:
>I recently encountered an unusual situation where a firewall logged
>dropped packets where both the source and destination addresses were
>outside of my subnet. The logs clearly showed a port scan. Some
>investigation revealed that a user with a Mac laptop had connected
>to the wired subnet while their Airport wireless card was connected
>to our external wireless network. The port scan occurred over the
>wireless network. However, it appears that the ACK/RST packets that
>were sent in response to the port scan were forwarded to all
>interfaces, including the wired interface, and as such routed to the
>border device.
>I'm not familiar enough with Mac OS X to know if there's a quick and
>easy way to disable the wireless interface when a wired connection
>is made. I'd guess that inserting a command such as "ifconfig en1
>down" in a script that fires off when the wired connection is made
>would do the trick, but I can't find such a script. Any ideas? Other
>methods? o/s is 10.4.9.

You should be able to fire off a script by hooking into the
configd system, which performs notifications when network interfaces
come up/down ("tail -f /var/log/system.log" and change your
connectivity to see what I mean).

I once had a script that ran whenever I plugged in Ethernet,
although it broke and I never did get it to auto-trigger again.

See the manual pages for configd, scselect, & scutil.

Chris Pepper
The Rockefeller University
** I am out of the office May 25-June 1, returning June 4.
Please call the Help Desk at x8940 if you need assistance.
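
The check such a script would make, as an added example that is not part of either post: it reads `ifconfig` output, decides whether the wired interface is really in use, and prints (or with `--apply`, runs) the matching `ifconfig en1 down` / `up`. Assumptions: `en0` is the wired port (`en1` is the AirPort interface named in the question), and the trigger that runs the script on a network change is not shown.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: en0 is the wired port.
# en1 (AirPort) is the interface named in the original post.
WIRED_IF="${WIRED_IF:-en0}"
WIFI_IF="${WIFI_IF:-en1}"

# Reads ifconfig output on stdin. Exit 0 only if interface $1 has an IPv4
# address and reports "status: active" (on its own line or on the media line).
# Tracking the current interface block keeps en1's status from counting for en0.
iface_is_live() {
    awk -v ifc="$1" '
        /^[a-z]+[0-9]+:/ { cur = $1; sub(/:$/, "", cur) }
        cur == ifc && $1 == "inet"     { has_ip = 1 }
        cur == ifc && /status: active/ { link = 1 }
        END { exit !(has_ip && link) }
    '
}

# Reads ifconfig output on stdin; prints "down" if wired is live, else "up".
wifi_action() {
    if iface_is_live "$WIRED_IF"; then echo down; else echo up; fi
}

# Constructed sample output for offline runs; $1 is the wired link status.
sample_ifconfig() {
    cat <<EOF
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    inet 127.0.0.1 netmask 0xff000000
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 192.0.2.10 netmask 0xffffff00 broadcast 192.0.2.255
    media: autoselect (100baseTX <full-duplex>) status: $1
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 198.51.100.20 netmask 0xffffff00 broadcast 198.51.100.255
    media: autoselect status: active
EOF
}

# Dry run prints the command; --apply (as root) executes it.
main() {
    action=$(ifconfig -a | wifi_action)
    if [ "$1" = "--apply" ]; then ifconfig "$WIFI_IF" "$action"
    else echo "ifconfig $WIFI_IF $action"; fi
}

case "${1:-}" in --dry-run|--apply) main "$1" ;; esac
```

Requiring both link and an IPv4 address on the wired side keeps the wireless interface up while the cable is plugged in but no lease has arrived yet.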

Re: Prevent wireless to wired bridging May 31 2007 10:10PM
Ali, Saqib (docbook xml gmail com)


