|
||||||||||
> <scekov at freemail dot com dot mk> wrote: > > Hi I have problem when I like to block some user to use > internet. Users use static IP adresses. One user ip is blocked, I > like to block MAC. He is cheating and he is always changing his > ip (with some ip that is not blocked and is not used at the > moment). I have add static arp entries for all users with arp -s > <IP> <MAC> but nothing was changed. User is changing his IP again > and again. Should I enable some option or something or maybe > someone can tell me some hard way:) how to implement this?? > > > > > If he's smart enough to change his IP around to get around > restrictions, he'll be smart enough to change his MAC address too (and > might be doing that already). That's not a good solution. > > Sounds like it's time for a non-technical solution. Depending on what > the environment is, the potential solutions will vary. > > You'll never find a way to lock out a determined person via MAC and/or > IP address controls. > > -Chris > What about captive portal? It relies on MAC and IP and user auth... if he spoofs someone's ip AND mac, they will get booted off until they re-authenticate I think... still might be simpler just to take a "teaching stick" and go educate him ;-) m/ |