A user is creating a problem in my hub he is logging with ops and masters nick and baning the users of the hub and i cant do anything i have change the password of all the masters and operator but then also i am facing the same problem.
So i thought of a script which will automatically track the MAC Address of the user When he gets in the hub for the 1st time and store it in the file and then after whenever the user gets in the hub it will check the users MAC Address and if they does not match then the user will not be allowed enter the hub and the message some message must be send to operators something like this "a nick has not allowed to enter the hub as his MAC is not matching" one more request tht MASTERs must be allowed to clear the MAC of user.
All scripter and members please reply on this post if such a script is possible to create as MAC Address is the only thing which is unique and no user can disturb it OR plzz suggest me any other way
1) MACs are changeable.
2) The hub knows nothing about the MACs.
Quote1) MACs are changeable.
2) The hub knows nothing about the MACs.
1) thts y i asked tht master must be able to clear the mac of user
2) but it can be possible through script tht v can get MAC address of the user???
OR plzz suggest me someother way
Quote from: Yahoo on 04 May, 2007, 11:40:55
2) but it can be possible through script tht v can get MAC address of the user???
No.
Quote from: Yahoo on 04 May, 2007, 11:40:55
OR plzz suggest me someother way
Erm well, this needs some firewall solution, and works for clients on the same LAN only, since MAC addresses don't resolve over routers.
QuoteErm well, this needs some firewall solution, and works for clients on the same LAN only, since MAC addresses don't resolve over routers.
sorry but i didnt get it
Quote from: Yahoo on 04 May, 2007, 13:09:28
sorry but i didnt get it
OK. You get to the internet via routers that tell the packets where to go. This can be visualised by opening the Windows command prompt and typing e. g. 'tracert google.com'.
http://en.wikipedia.org/wiki/Routing
Clients behind the router are on the same subnet, and they can see each other's MAC. However, if 2 clients communicate via a router, no MAC addresses can be resolved.
but i am hosting hub on lan so no question of router arises. as my hub is hosted behind the router... so now is it possible to create such a script plzzzz...... can u create it
No, it is not possible to create such a script. The only way would be to make an inverse ARP lookup witha commandline tool, but that's insane, and it would block the hub and create popup windows every time a user connects.
hmm so it is impossible to create such a script..... :(
so no chance to stop such hackers. :(
How come this chap is able to get the password?
Is easy, password is send as plain text to hub, and is very easy to sniff it on lan...
Hi ninad,
Does your LAN assign you static or dynamic IPs? If static it could be scripted so people can only login with a specified IP
Use a script to protect your OP count, for example it's inbuilt in leviathan but I think it was done as standalone script
On connection, the checking is done, if the ip (or dns) doesn't match with count then the user is ban or disconnected automatically :)
i dont want the script check the ip bcoz user change the op very offen (infact i change my ip everyday) so it will be not tht effective. thts y i gave the suggestion of MAC address bcoz it the only thing tht is unique to all pc
nope it's not unique cause it can be change.
for the pronlem of dynamic ip, ask them to create a dyndns or no-ip account (for those who have a static ip it's not useful), so you can enter the dns and not the ip in the script, by this way your OP count will be protected, it's the most secure way that we have for the moment, I think Toobster made a standalone script of count protection, give it a try, you will see it's a good one :)
well i think we use static ips on LAN that mostly starts with 172.xx.xx.xx or 10.xx.xx.xx.
can we not have set of few such parameters that can not be changed by a user on daily basis and the combination will be unique for each user.
share size could be of it, i think b'coz its should be very difficult for ne user to have the EXACT share as that of ne other to the very last bit, isnt it?
so if there are 2 or 3 such "unique parameters" (i.e if share size was 1) then it would be good enough.
thks,
I think this is what the FilterBan script is trying to 'achieve'. :P
However, the protocol hould care about this.
Must be a weird LAN where all are allowed to change their IPs all the time. I am a network administrator with ~200 clients so I know what I am talking about.
hi mutor, what do u think can this script be possible to create???
Quote from: Yahoo on 05 May, 2007, 17:17:23
hi mutor, what do u think can this script be possible to create???
Again: this can not be scripted.
if we try to create a program ( in c or c++) which will give us MAC Address of a user and store it in a file and then the script will work on tht file something like this
This can be done with Windows commandline tools. How to achieve:
1) Ping the address.
2) Locate it in the arp table (arp -a xxx.xxx.xxx.xxx)
3) You can feed this info to Lua, but this will kill your hub, this is not a recommended method.
Complain at your netadmin instead.
Quote from: bastya_elvtars on 05 May, 2007, 13:46:53
Must be a weird LAN where all are allowed to change their IPs all the time.
acutally its a budding lan, i usually reg 3 to 5 ppl every day and my hub is not the that big compared to other hubs.
that means there are many NEW ppl coming every day so thats the reasons ips keeps on changing.
Quote from: Mutor on 05 May, 2007, 18:05:12
The best way I think is to attack the source.
the source would be to remove the hackers from hub?
i wont mind doing even that to protect my hub
Is static IP an option?
well bastya i m not clear with term static ips or dynamic ips. :-\
but i still kno its static ip that we use.
Then if you register a user, try forcing them to always use the same IP.
i dont think ne normal user changes ip for fun unless there ip is taken by some other user.
u got to be here n c this, even the hub ips are taken away if they r not on for a few days
This is definitely a management issue then.
ne permanent solutions?
What is a 'budding lan'?
yea its happned to me too not now but before its happend to me i changed pass 324234 times for all ops and master and him get the pass agian i thing its same plugs to hack ptokax
Quote from: bastya_elvtars on 05 May, 2007, 20:06:21
What is a 'budding lan'?
by this i meant that it is a fast growing lan network.
sorry for late reply.
Quote from: achiever on 08 May, 2007, 11:57:14
by this i meant that it is a fast growing lan network.
Who is administering this?
Can you please do the following:
Start menu - Run - cmd /k ipconfig /renew
Paste the output here.
well here it is
Windows IP Configuration
The operation failed as no adapter is in the state permissible for
this operation.
can u explain what this is?
and
Quote from: bastya_elvtars on 08 May, 2007, 12:48:35
Who is administering this?
administering what?
Ahh, so this is a network where everyone sets their own IPs in an arbitrary way. Is there a network administrator on this LAN?
no
Quote from: achiever on 08 May, 2007, 13:33:22
well here it is
Windows IP Configuration
The operation failed as no adapter is in the state permissible for
this operation.
can u explain what this is?
For a network adapter, there are two ways to assign an IP. the first way is when you enter it manually (as you do it now). The second is to have it set by a DHCP-server.
ok so what is the thing u were checking?
and what are u trying to explain me which i m far from understanding? :(
i understood what DHCP is some what but i think the problem will be in setting it up?
Isn't there anyone maintaining this LAN?
no
And where is the router? Who are behind this router?
if i know the mac address of a user which i want to block then is it possible to create a script which will block tht mac user only
No, is not possible with script ::)
Quote from: bastya_elvtars on 09 May, 2007, 11:51:43
And where is the router? Who are behind this router?
i have got no idea of where the router is? i think our service providers control it.
I think if someone is smart enough to sniff passwords, they are also smart enough to change their MACs.
but no one can guess tht they are block or ban bcoz there MAC Address has been banned. the script must not mentioned tht the user is block due to difference in the users MAC address. let us be postive and giv this a try dont u think so
Quote from: Yahoo on 09 May, 2007, 18:52:23
but no one can guess tht they are block or ban bcoz there MAC Address has been banned. the script must not mentioned tht the user is block due to difference in the users MAC address. let us be postive and giv this a try dont u think so
Well, we still cannot provide such a script.
i m not sure if scripts can read what is being added in the the hub-description box (below hub name and adderess) when we add a new hub.
but if the script can read it can a script be made
--- which will make a code such that its only know to the script and the user not even to the ops will kno that.
--- if a person logins without it he should not be allowed to connect.
--- if user losses it he should at least remember his pass knowing which only 1 perticular op can get that code which will be changed the 1st time the user logins again.
should work only if hub-description can be read by scripts
so what u ppl think? :)
achiever, if u have so many ideas then i think you should only try for such a script :P
It will be great to have such a script..........
c'mon ppl give some response, or is there such a script already done or is it not possible?
plzz reply what u think of it.
Well, the topic has been long enough and this request has been denied. I am locking this now, because I really do not want to se the same question popping up one hundred and twenty-seven more times. Feel free to discuss the protection against these flaws elsewhere.