Re: Is there a simple program that can block Mac addresses?

From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 01/31/04


Date: Fri, 30 Jan 2004 21:09:58 -0500

There are a few problems with what you're trying to do.

These users can also change or spoof their MAC addresses, which is a problem
for you. It would be more secure to use "port security" to whitelist which
MAC addresses are approved to communicate on each switch port, or use some
sort of authentication to the switch and/or computer. If you do per-user
authentication to access the network resource in question, it doesn't matter
what MAC address they choose.

Whatever you do involving MAC addresses, I would think it would have to be
done on their local subnet / switch [e.g. each and every subnet they might
plug into]. Once a packet makes the first hop through a router, the source
MAC address is rewritten to be the MAC address of the router. Said another
way, if you were to try to block inbound access to a computer by source MAC
address, it would only work if the other computer was on the same subnet.
The computer's source MAC address is not kept anywhere in the packet once
the packet traverses a router.

If you know the MAC address you want to block, I suppose you could try
running an ARP spoofing / man-in-the-middle tool such as shijack on one
computer on the local subnet, which can effectively prevent anything from
reaching that MAC address, or if you prefer, sniff their session, data and
passwords, or take remote control of their connections, even encrypted ones.
You would want to be careful not to cause performance problems for your
switches and network devices... and I would think you would need one such
computer for each of your subnets. Once they change their MAC address, your
denial of service attack stops working.

"jim" <jim_linkit@yahoo.co.uk> wrote in message
news:bvdsfu$r6rdo$1@ID-89358.news.uni-berlin.de...
> Is there any Windows software that can block MAC addresses on the incoming
> network adapter?
> I want to block certain users on a LAN, they keep changing their IP
> addresses on their laptops.
>
> I have a spare PC with 3 NICs in.
>
> I don't want DHCP, Firewall, Linux solutions.
>
> I just want a basic Windows program.
>
> Can you help?
>
> Cheers
>
>
>
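
An added illustration, not part of the original thread: a small Python model of the reply's points that a source-MAC filter only matches on the local subnet, that a changed MAC slips past a blocklist, and that a per-port whitelist ("port security") still drops it. All addresses and the port name `Fa0/1` are constructed, and the router is simplified to a single MAC.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Frame:
    src_mac: str   # layer-2 source, rewritten at every routed hop
    dst_mac: str
    src_ip: str    # layer-3 source, preserved end to end
    dst_ip: str

# Constructed sample addresses (assumptions, not from the original post).
LAPTOP_MAC, SPOOFED_MAC = "00:11:22:aa:aa:aa", "00:11:22:bb:bb:bb"
ROUTER_MAC, SERVER_MAC = "00:11:22:00:00:01", "00:11:22:cc:cc:cc"

def route(frame, router_mac, next_hop_mac):
    """A router builds a new layer-2 header; the IP addresses are unchanged."""
    return replace(frame, src_mac=router_mac, dst_mac=next_hop_mac)

def blocklist_accepts(frame, blocked_macs):
    """Host-side filter on source MAC, as asked for in the question."""
    return frame.src_mac not in blocked_macs

def port_security_accepts(frame, port, allowed):
    """Switch-side whitelist: only approved MACs may send on a given port."""
    return frame.src_mac in allowed.get(port, set())

def demo():
    blocked = {LAPTOP_MAC}
    allowed = {"Fa0/1": {LAPTOP_MAC}}   # hypothetical port name
    local = Frame(LAPTOP_MAC, SERVER_MAC, "10.0.1.50", "10.0.1.10")
    spoofed = replace(local, src_mac=SPOOFED_MAC)   # same laptop, changed MAC
    remote = route(Frame(LAPTOP_MAC, ROUTER_MAC, "10.0.2.50", "10.0.1.10"),
                   ROUTER_MAC, SERVER_MAC)          # laptop on another subnet
    return {
        "same_subnet_blocked": not blocklist_accepts(local, blocked),
        "routed_blocked": not blocklist_accepts(remote, blocked),
        "spoofed_blocked_by_blocklist": not blocklist_accepts(spoofed, blocked),
        "spoofed_dropped_by_port_security":
            not port_security_accepts(spoofed, "Fa0/1", allowed),
        "approved_mac_passes_port_security":
            port_security_accepts(local, "Fa0/1", allowed),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```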


