banning by mac address

dummyparameter · 03 July, 2005, 15:47:06

i need to know the administrator command for banning any user by mac address.
plzzzzzzz help . ?(

Ubikk · 03 July, 2005, 18:57:58

Are you sure it's possible?

I would be interested in that also, because lots of users from my hub have a dinamic IP

Markitos · 03 July, 2005, 19:06:39

QuoteOriginally posted by Ubikk
Are you sure it's possible? :)
I would be interested in that also, because lots of users from my hub have a dinamic IP

I doubt so...

Dessamator · 03 July, 2005, 19:40:18

nope , not possible !

Quattro · 03 July, 2005, 19:44:51

I thought so too because mac address won't go outside internal network so it would only work if you run a lan-hub

Ubikk · 03 July, 2005, 22:11:14

The hub I run is made only for my LAN. Is there any chance for me to bann MAC's? :)

Dessamator · 03 July, 2005, 22:26:57

hmm indeed it might be possible depending on how ur network is set up!(im unsure though)

plop · 04 July, 2005, 00:03:12

QuoteOriginally posted by Ubikk
The hub I run is made only for my LAN. Is there any chance for me to bann MAC's? :)

use a real firewall 2 do this.
for example visnetic firewall.
the moment there is a router in the network between the hub and the client it isn't possible anymore.

plop

dummyparameter · 04 July, 2005, 12:27:00

atleast give the command.It can be used for intra-lan.

for the router stuff , is it not possible to look into a particular packet and get the mac add. of the actual originating machine. If possible , then we can get the script for mac bans.

else i got a solution : lets agree upon a DC client that especially sends the mac address along with the nick identification. then the hub can use scripts for mac ban.
for mac faking , i suggest we can make the client to send a key that is cryption of mac , processor serial. Now for this particular ip , when the admin. notifies , the hub can keep a log of this key. And ban this key at the ask of admin. .
though faking this would need changes at software level(in dc client). but a good encryption should keep 90% of the fakers away. A very good encryption can be one in which the hub provides a encryption key. that is only after receipt of a key from the hub the client can use it for making a key of its own and then enter the hub.
admin. can vary the hub-key as he wishes. The hub soft. will accordingly change the logs too.
(above makes the hub-logs independent of ip adds. + identifies the absolute combo of a processor serial and mac + the keys can be varied by admin. and fakers would be troubled each next time hub-key is changed)

but above can be applied only in the agreement of use of this particular client.

Dessamator · 04 July, 2005, 16:56:11

interesting idea, but as u so eloquently put it :

can be applied only in the agreement of use of this particular client.

dummyparameter · 04 July, 2005, 18:21:38

for a start big hubs can shift the entrance to this particular client. :]

i guess when the problem is at root , cutting branches wont help.

plop · 04 July, 2005, 18:52:32

QuoteOriginally posted by dummyparameter
atleast give the command.It can be used for intra-lan.

for the router stuff , is it not possible to look into a particular packet and get the mac add. of the actual originating machine. If possible , then we can get the script for mac bans.

else i got a solution : lets agree upon a DC client that especially sends the mac address along with the nick identification. then the hub can use scripts for mac ban.
for mac faking , i suggest we can make the client to send a key that is cryption of mac , processor serial. Now for this particular ip , when the admin. notifies , the hub can keep a log of this key. And ban this key at the ask of admin. .
though faking this would need changes at software level(in dc client). but a good encryption should keep 90% of the fakers away. A very good encryption can be one in which the hub provides a encryption key. that is only after receipt of a key from the hub the client can use it for making a key of its own and then enter the hub.
admin. can vary the hub-key as he wishes. The hub soft. will accordingly change the logs too.
(above makes the hub-logs independent of ip adds. + identifies the absolute combo of a processor serial and mac + the keys can be varied by admin. and fakers would be troubled each next time hub-key is changed)

but above can be applied only in the agreement of use of this particular client.

1) there is no sutch command.
2) the router replaces the mac for it's own sending mac.
this might make you think that it would be possible, but the internet is full of routers.
3) this can be bypased by altering the source, so it won't stop fakers (hence dc stealth).

plop

PtokaX forum

News:

banning by mac address

dummyparameter

Ubikk

Markitos

Dessamator

Quattro

Ubikk

Dessamator

plop

dummyparameter

Dessamator

dummyparameter

plop