Re: Blocking user's by MAC address

From: Steven L Umbach (sumbach@ameritech.net)
Date: 04/03/03 

From: "Steven L Umbach" <sumbach@ameritech.net>
Date: Thu, 03 Apr 2003 03:14:12 GMT

         Using dhcp reservations could stop him from getting a dhcp address,
but that would be manageable only in a small network. Besides if someone
already knows your network tcp/ip info there is nothing to stop them from
doing a static configuration to gain access to the network. Ipsec would be
somthing to consider to secure a W2K/XP Pro network. Then a computer would
have to be a domain/forest member to gain access to any computer with a
"require" policy. There are issues when applying ipsec to domain controllers
though, and any W9X or NT4.0 computer would not be able to gain access to a
"require" policy computer. Here is something you might want to try, kind of
a reverse logic. Since you have the mac address, you could create a dhcp
reservation for it. Then you could create an ipsec policy that would block
any communications from that tcp/ip address you reserved. You could also
possibly use intrustion dection software to alert you when that tcp/ip
address is actively trying to access your network and log it. Of course the
user could get wise to this in short order, but it might give you enough
time to find him. --- Steve

"larryd" <rowlar@yahoo.com> wrote in message
news:034e01c2f974$76362e20$a101280a@phx.gbl...
> For the past month or so I have been playing cat and mouse
> with a unknown user in my win 2000 domain. They are able
> to a pull a DHCP address from my server even though I
> believe that they do not have a login account in my
> domain. (I understand that DHCP leases are negotiated
> during boot time) I can see the user in the DHCP and Wins
> databases, but I can't seem to figure out how to block
> this user from accessing my network. I have their MAC
> address, but not much more than that. Is there any win
> 2000 utility that I can use to pinpoint who this is? Is it
> possible to block someone by their MAC address? Any help
> you can provide will help stop a mouse that is becoming a
> real rat.
>
> Thanks

Relevant Pages

  • Re: VOIP with a linksys PAP2
    ... no BROADCAST) so TCP/IP will not work over it. ... presented with a menu and selected, IIRC, DHCP. ... > If you have no devices on the eth1 network which will be DHCP servers, ...
    (Fedora)
  • Re: {workgroup}"...is not accessible" after removing NWLINK
    ... I generally reboot the machine whenever I make network ... >problem is a browse service that won?t run on the XP machine using the TCP/IP ... >?The browser has forced an election on network ... >> computer, and one, or preferably two, of the Windows 98 computers. ...
    (microsoft.public.windowsxp.network_web)
  • Re: gethostbyname() in Multi-homed systems...
    ... NetBIOS over TCP/IP binds to the first IP address for each network adapter only. ... When a NetBIOS name registration is sent out, only one IP address is registered per adapter. ... The default gateway can be different for each adapter. ...
    (microsoft.public.windowsxp.embedded)
  • Re: Rebuild Microsoft Windows XP SP2 - Hardened, comments needed
    ... chipset & other drivers ... Disconnect network cable ... Disable netbios over tcp/ip {no side effect unless u using ... Install graphics driver ...
    (microsoft.public.windowsxp.setup_deployment)
  • Re: Lets get rid of NMEA
    ... each NMEA manufacturer today is addressing the inadequacies of NMEA ... products for ethernet networking. ... while everyone is hammering on using TCP/IP to replace NMEA: ... better since they reach every device on the network. ...
    (rec.boats.electronics)