Print Page - banning by mac address

Title: banning by mac address
Post by: dummyparameter on 03 July, 2005, 15:47:06

i need to know the administrator command for banning any user by mac address.
plzzzzzzz help . ?(

Title:
Post by: Ubikk on 03 July, 2005, 18:57:58

Are you sure it's possible? :)
I would be interested in that also, because lots of users from my hub have a dinamic IP

Title:
Post by: Markitos on 03 July, 2005, 19:06:39

QuoteOriginally posted by Ubikk
Are you sure it's possible? :)
I would be interested in that also, because lots of users from my hub have a dinamic IP

I doubt so...

Title:
Post by: Dessamator on 03 July, 2005, 19:40:18

nope , not possible !

Title:
Post by: Quattro on 03 July, 2005, 19:44:51

I thought so too because mac address won't go outside internal network so it would only work if you run a lan-hub

Title:
Post by: Ubikk on 03 July, 2005, 22:11:14

The hub I run is made only for my LAN. Is there any chance for me to bann MAC's? :)

Title:
Post by: Dessamator on 03 July, 2005, 22:26:57

hmm indeed it might be possible depending on how ur network is set up!(im unsure though)

Title:
Post by: plop on 04 July, 2005, 00:03:12

QuoteOriginally posted by Ubikk
The hub I run is made only for my LAN. Is there any chance for me to bann MAC's? :)

use a real firewall 2 do this.
for example visnetic firewall.
the moment there is a router in the network between the hub and the client it isn't possible anymore.

plop

Title:
Post by: dummyparameter on 04 July, 2005, 12:27:00

atleast give the command.It can be used for intra-lan.

for the router stuff , is it not possible to look into a particular packet and get the mac add. of the actual originating machine. If possible , then we can get the script for mac bans.

else i got a solution : lets agree upon a DC client that especially sends the mac address along with the nick identification. then the hub can use scripts for mac ban.
for mac faking , i suggest we can make the client to send a key that is cryption of mac , processor serial. Now for this particular ip , when the admin. notifies , the hub can keep a log of this key. And ban this key at the ask of admin. .
though faking this would need changes at software level(in dc client). but a good encryption should keep 90% of the fakers away. A very good encryption can be one in which the hub provides a encryption key. that is only after receipt of a key from the hub the client can use it for making a key of its own and then enter the hub.
admin. can vary the hub-key as he wishes. The hub soft. will accordingly change the logs too.
(above makes the hub-logs independent of ip adds. + identifies the absolute combo of a processor serial and mac + the keys can be varied by admin. and fakers would be troubled each next time hub-key is changed)

but above can be applied only in the agreement of use of this particular client.

Title:
Post by: Dessamator on 04 July, 2005, 16:56:11

interesting idea, but as u so eloquently put it :

Code Select

can be applied only in the agreement of use of this particular client.

Title:
Post by: dummyparameter on 04 July, 2005, 18:21:38

for a start big hubs can shift the entrance to this particular client. :]

i guess when the problem is at root , cutting branches wont help. :D

Title:
Post by: plop on 04 July, 2005, 18:52:32

QuoteOriginally posted by dummyparameter
atleast give the command.It can be used for intra-lan.

for the router stuff , is it not possible to look into a particular packet and get the mac add. of the actual originating machine. If possible , then we can get the script for mac bans.

else i got a solution : lets agree upon a DC client that especially sends the mac address along with the nick identification. then the hub can use scripts for mac ban.
for mac faking , i suggest we can make the client to send a key that is cryption of mac , processor serial. Now for this particular ip , when the admin. notifies , the hub can keep a log of this key. And ban this key at the ask of admin. .
though faking this would need changes at software level(in dc client). but a good encryption should keep 90% of the fakers away. A very good encryption can be one in which the hub provides a encryption key. that is only after receipt of a key from the hub the client can use it for making a key of its own and then enter the hub.
admin. can vary the hub-key as he wishes. The hub soft. will accordingly change the logs too.
(above makes the hub-logs independent of ip adds. + identifies the absolute combo of a processor serial and mac + the keys can be varied by admin. and fakers would be troubled each next time hub-key is changed)

but above can be applied only in the agreement of use of this particular client.

1) there is no sutch command.
2) the router replaces the mac for it's own sending mac.
this might make you think that it would be possible, but the internet is full of routers.
3) this can be bypased by altering the source, so it won't stop fakers (hence dc stealth).

plop

PtokaX forum

PtokaX => Support => Topic started by: dummyparameter on 03 July, 2005, 15:47:06