From owner-freebsd-security Fri Jul 2 3:12:30 1999 Delivered-To: freebsd-security@freebsd.org Received: from lazlo.internal.steam.com (lazlo.steam.com [199.108.84.37]) by hub.freebsd.org (Postfix) with ESMTP id 4801D15059 for ; Fri, 2 Jul 1999 03:12:24 -0700 (PDT) (envelope-from cliff@steam.com) Received: from lazlo.internal.steam.com (cliff@lazlo.internal.steam.com [192.168.32.2]) by lazlo.internal.steam.com (8.9.3/8.9.3) with ESMTP id DAA01796; Fri, 2 Jul 1999 03:10:47 -0700 (PDT) Date: Fri, 2 Jul 1999 03:10:47 -0700 (PDT) From: Cliff Skolnick X-Sender: cliff@lazlo.internal.steam.com To: Josef Karthauser Cc: Dag-Erling Smorgrav , Snob Art Genre , Bill Fink , freebsd-security@FreeBSD.ORG Subject: Re: your mail In-Reply-To: <19990702104239.X69050@pavilion.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Add permanent, static arp entries for all your legit mac/ip combos, then disable arp on your gateway. You can disable arp with a "-arp" on the ifconfig line according to the man page. This should keep him busy, of course I would just swap ethernet cards with another user in the house...never mind. Cliff On Fri, 2 Jul 1999, Josef Karthauser wrote: > On Fri, Jul 02, 1999 at 11:24:04AM +0200, Dag-Erling Smorgrav wrote: > > Josef Karthauser writes: > > > As an associated thing can anyone think of an easy way of ignoring traffic > > > coming from a particular MAC address on the network? I've got a user who > > > keeps changing their IP address to get arround the fact that I've restricted > > > traffic to that address. > > > > So terminate him. > > Ah, if only life were that simple ;) There are laws against that kind of > thing :o). > > He's on a local area network that I'm part of. I provide routed access to > the internet, but he's allowed access to the network to connect to other > users (this is at home, not at work - he rent's a room from me.) The problem > is that he's running Internet Explorer 5 in stupid "go on line for no reason > at all" mode and until he's either un-installed it, or fixed the problem > I've told him that I'm shutting down his internet access. That said he's > been a naughty boy and changed his IP address a couple of times to other > people's. He thinks that I don't know, but of course I've got changing > ARP addresses. What I'd like to do now is ignore his MAC address on the > server instead to get around this. (I could disconnect him from the network > but that's harder to police.) > > Joe > -- > Josef Karthauser FreeBSD: How many times have you booted today? > Technical Manager Viagra for your server (http://www.uk.freebsd.org) > Pavilion Internet plc. [joe@pavilion.net, joe@uk.freebsd.org, joe@tao.org.uk] > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- Cliff Skolnick | "They that can give up essential liberty to obtain Steam Tunnel Operations | a little temporary safety deserve neither liberty cliff@steam.com | nor safety." http://www.steam.com/ | -- Benjamin Franklin, 1759 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message