For added protection, a site within your network may need to verify that an IP address offered to the Eagle by a connecting host is authentic; in other words, it may need protection against IP address spoofing. Personal computers are inherently insecure, and it is easy for users to change the configuration of the network software on them. EtherGuard is a component that uses ARP (Address Resolution Protocol) to check the physical Ethernet address (usually that of the network adapter card in the workstation) against the Internet (IP) address for hosts specified in the authorization file. The authentication is performed via an encrypted message. An improper answer generates a message that warns of the possible security breach.
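The address comparison described above can be sketched as follows. This is an added example, not Raptor Systems code: the two-column list layout, the function names and the sample addresses are assumptions, the ARP table uses the Linux /proc/net/arp layout, and the encrypted exchange is not modelled.

```python
import ipaddress

# Constructed sample; this two-column layout is assumed, not the Eagle's file syntax.
AUTHORIZED = """\
192.0.2.10  00:00:5E:00:53:0A
192.0.2.11  00-00-5e-00-53-0b
192.0.2.12  00:00:5e:00:53:0c   # comment after a binding
"""
# Constructed sample in the Linux /proc/net/arp layout (Flags 0x2 = resolved).
ARP_TABLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.0.2.10       0x1         0x2         00:00:5e:00:53:0a     *        eth0
192.0.2.11       0x1         0x2         00:00:5e:00:53:ff     *        eth0
192.0.2.12       0x1         0x0         00:00:00:00:00:00     *        eth0
192.0.2.99       0x1         0x2         00:00:5e:00:53:63     *        eth0
"""

def norm_mac(mac):
    # Lowercase colon-separated form; ValueError if the address is malformed.
    octets = mac.replace("-", ":").lower().split(":")
    if len(octets) != 6 or any(len(o) != 2 for o in octets):
        raise ValueError(f"bad Ethernet address: {mac!r}")
    bytes.fromhex("".join(octets))  # raises ValueError on non-hex digits
    return ":".join(octets)

def load_authorized(text):
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if line:
            ip, mac = line.split()
            table[str(ipaddress.ip_address(ip))] = norm_mac(mac)
    return table

def check_bindings(authorized, arp_text):
    """Return (ip, verdict, observed_mac) for every ARP table entry."""
    results = []
    for line in arp_text.splitlines()[1:]:     # skip the header row
        fields = line.split()
        ip, flags, mac = fields[0], int(fields[2], 16), norm_mac(fields[3])
        if ip not in authorized:
            verdict = "unlisted"      # host is not in the authorized list
        elif not flags & 0x2:
            verdict = "unresolved"    # no ARP reply, nothing to compare
        elif mac == authorized[ip]:
            verdict = "ok"
        else:
            verdict = "MISMATCH"      # IP answered from a different adapter
        results.append((ip, verdict, mac))
    return results
```

A "MISMATCH" row corresponds to the improper answer that triggers the warning message; "unresolved" and "unlisted" are kept separate so that a silent host is not reported as a spoofing attempt.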
Modems on personal computers present yet another security risk to a computer network. A user with a home PC, for example, could dial up a server PC and then use the latter's local TCP/IP network connection to access secured resources. To provide this additional protection, a second component of EtherGuard running on the PC is utilized.
Whenever a connection from the PC is attempted, EtherGuard checks to see if the modem is in use. If so, the connection is dropped. This guarantees that you must be sitting at the PC's console to use this PC on the network. This is accomplished with a modified version of NCSA telnet software, supplied by Raptor Systems, that provides client support for telnet and both server and client support for ftp. This should be run in place of other network communication programs on each PC you wish to restrict. Other network programs, such as PC-NFS, can still be used to give strictly local network access, but remote access is only permitted through NCSA telnet.
Figure illustrates the components of EtherGuard and their relationships.