Re: Don't connect to specific wired networks?

From: Dan Williams <dcbw redhat com>
To: José Queiroz <zekkerj gmail com>, "networkmanager." <networkmanager-list gnome org>
Subject: Re: Don't connect to specific *wired* networks?
Date: Thu, 10 Dec 2015 12:37:55 -0600

On Thu, 2015-12-10 at 15:37 -0200, José Queiroz wrote:

2015-12-10 14:55 GMT-02:00 Dan Williams <dcbw redhat com>:

On Thu, 2015-12-10 at 08:06 -0800, Nikolaus Rath wrote:

Hello,

Is there a way to prevent NetworkManager from automatically
connecting
to specific *wired* networks?

I think the network could be identified by the presence (or
absence)
of
specific MACs, but I'd be open to other suggestions as well.


That's the best option for now, but of course there are security
issues
with that since any MAC address can be spoofed.  There are vague
plans
to attempt to automatically identify wired networks by listening to
the
wire for a few seconds and detecting 802.1x EAP-Request Identity
packet
s or ARPing a specific IP address and matching the returned MAC. 
 This
feature would  have to be opt-in because obviously it would delay
network connections.

If that's something you'd be willing to work on, that would be
great...
what do you say? :)

Dan



What about using IPv6 RA messages to do that?


This could be another check among many, yes.  Though to prevent DoS
most routers have a configured minimum advertisement interval which
could be much longer than a few seconds.

Dan

Follow-Ups:
- Re: Don't connect to specific *wired* networks?
  - From: José Queiroz

References:
- Don't connect to specific *wired* networks?
  - From: Nikolaus Rath
- Re: Don't connect to specific *wired* networks?
  - From: Dan Williams
- Re: Don't connect to specific *wired* networks?
  - From: José Queiroz

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Don't connect to specific *wired* networks?

Re: Don't connect to specific wired networks?