On shared medium, I don't *think* dupe macs will cause much problem, unless maybe a congestion algorithm tweaks traffic to/from that mac. I'm not an expert in that area, just speaking from experience. ----- Original Message ----- From: Brian Candler [mailto:B.Candler@pobox.com] Sent: Wednesday, February 02, 2011 01:53 PM To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Subject: Re: MAC Authentication - Bad Idea? On Wed, Feb 02, 2011 at 11:15:13AM -0800, Jim Rice wrote:
Do I need to be concerned with MAC spoofing?
It's easy to do, so it will probably happen; this risk is weighed against providing a service which is easy for your customers to use. What happens if two people try to use the same MAC address simultaneously on your wireless network? I suspect it will break service for both of them, which means that it's actually not very useful for freeloading. They'd have to coordinate to use it at different times. You could also look for simultaneous users in your RADIUS accounting logs. Regards, Brian. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html <font size="1"> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'> </div> "This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system." </font>