by Tryptophan on Thu Apr 08, 2004 2:29 am
errrr.....yeah.....next time my PC logs onto domain "delphinidae", my local SMB network domain, and the internet traffic works, shall I report it to ITS as a security flaw? As long as the NIC (of the RESNET-facing GW) is authed in DHCP... again, nothing to do with the switches aside from holding copies of authed MACs, there is no reason in networking to stop the data; the only 2 things that might need doing are a) ensure the switches in question have the correct list of MACs and update the GW address in DHCP/the router table.
Trust me, having set an unauthed NIC to some IP in the same subnet as my box, and being able to see it (nbtstated it), when in fact it was 15 B classes higher in its DHCP-assigned address, I know that inter-subnet traffic is unaffected (as long as it doesn't cross a hall boundary, or wherever the auth filtering is done), except by ITS fiddling about with drop matches, mainly on port fields (handy things like port 21/80 et al :dammit:). It's perfectly possible, I've had to do it at home to bypass machines I've had to fix.