Re: Blocking access to a network

From: Duane Arnold (Notme_at_notme.com)
Date: 05/31/05 

Date: Tue, 31 May 2005 15:11:50 GMT

shay wrote:

> Hi all,
> I have a Netgear DG834 ADSL Firewall Router with 4 PC connected to it.
> I have set the router to reserve IP's to certain mac addresses eg
> ip's ending 2 - 5.
>
> I have set the router to as a DHCP Server for ip's starting 2 -
> ending 5 so I think in theory no one else could connect to the router
> as there ar no more ip's in the pool.
>
That is true. However, since the router is not a wireless router where a
wireless attacker could obtain a DHCP IP from the router for their machine
to exploit a wireless connection is when limiting the number of DHCP IP(s)
that can be issued by the router would really mean anyting.
  
> The person that uses computer on ip No 3 has decided to pull out of the
> network (as we all split the costs) so I want to stop him from simply
> reconnecting and using the network.
>
> I have set the firewall to block all traffic on this IP. Eg
>

So, what if the person was able to get on to your network and uses one of
the router's static IP(s) where he configured the NIC on his or her
computer and used a static IP? A static IP is any IP on the router that is
not controlled by the DHCP server on the router.

Of course, if the router had MAC filtering, you could block the machine's
access to the Internet, since all NIC(s) have an unique MAC. But if you
blocked by MAC, he or she could always change the NIC on their machine.

Hopefully, the person is not savvy enough to come around the blocking of the
IP for the rules you have set.

Duane :)

 

Relevant Pages

  • Re: [opensuse] dhcp still waiting for data
    ... but the router and DHCP is working ... I tried Kai's suggestion of restarting the dhcp client. ... Well, guys, I guess I am off to buy a new ~ 10 EUR network card. ... What is the DNS adress of your provider? ...
    (SuSE)
  • 2wire router configuration
    ... firewall on this router and to configure my network ... Go to Home Network -> Advanced Settings ... X Default DHCP Pool ... Configure host to use DHCP with host name sent ...
    (comp.unix.bsd.freebsd.misc)
  • help
    ... Network, routers, DHCP and PXE ... wget vs fetch ... It's a Thomson SpeedTouch 585 router. ...
    (freebsd-questions)
  • Re: Freebsd 5.1 <-> Win XP Networking problems
    ... Danny MacMillan wrote: ... >> from any ip number forming part of that network and from the netmask. ... > located external to my network it should send the packet to the router ... > (using the router's MAC address) instead of arp-ing for the MAC address ...
    (freebsd-questions)
  • Re: Router or switch? Please advise
    ... Their response to why they frown on routers is that some people misconfigure them and broadcast their own DHCP signal to the network at large. ... Only way I could see that happening is if you plugged the school port into the LAN outlet on my router rather than the WAN. ... I doubt the college would give access to servers in their network from the dorm rooms or anything; without full control over the dorm room computers to ensure antivirus, etc. protection is installed they'd only be asking for big troubles. ... The only thing to watch for is if the IP address served up by the college DHCP is the same subnet as the DHCP server in your router. ...
    (microsoft.public.win2000.networking)