Giuseppe Patane' wrote: > > Hi, > I use netboot to boot my cluster of Linux PCs. All of the PCs in the > cluster are visible only inside my private network. But, the server > containing the bootpd has two network cards and it is connected to the > external LAN, too. Some questions about this: > 1) Can somebody on the external LAN change the MAC address of a network > card and boot from my server as if it was a machine of mine ? > 2) To avoid the previous problem, can I prevent the bootpd from listening > to the card connected to the external LAN ? Yes. Use a firewall (if Your server is an Linux PC, read the Firewall-HOWTO, it is quite simple: No IP from your internal net should be allowed to do anything on your external card. Further, you could deny all requests to the broadcast address on the external card klaus -- mit freundlichen Gruessen, Klaus Muth HAGOS eG Industriestr. 62 fon: (+49) 711 78805-86 EDV-Programmierung D-70565 Stuttgart fax: (+49) 711 78805-99 http://www.hagos.de Germany mailto:muth@hagos.de ----------------------------------------------------------------------- Alle heissen hier Klaus, nur nicht Norbert, der heisst Ernst! =========================================================================== This Mail was sent to netboot mailing list by: Klaus Muth <muth@hagos.de> To get help about this list, send a mail with 'help' as the only string in it's body to majordomo@baghira.han.de. If you have problems with this list, send a mail to netboot-owner@baghira.han.de.
For requests or suggestions regarding this mailing list archive please write to netboot@gkminix.han.de.