Home
Join

6 Replies

  • With most NIC's, it's a trivial matter to manually change the MAC in the device properties.

    That said, many devices now randomize MAC addresses for "security" and that's the default setting on many wireless devices now.  What you're seeing may simply be that and not the result of anything intentional.

    1 found this helpful thumb_up thumb_down
  • Okay, this is not wireless. The computer is on ethernet.

    Yes I can see the kid have changed the Mac on the Nic.

    Was this post helpful? thumb_up thumb_down
  • Fool the kids back...

    1,) create DHCP reservations for all 'known' devices far higher than the beginning of the DHCP pool

    2.) create a rule that will drop all traffic for addresses below and over the reserved addresses

    That would result in cutting them off, when they fool with mac addresses, as they would not get an IP address that would be allowed to get out

    And don't worry - they won't be able to connect any VPN when their IP is blocked.

    Some firewalls also support IP-MAC binding (or static ARP) .

    Even better would be to put the kids on a VLAN of their own and simply deny all traffic from that VLAN at given periods. They would have to 'rewire' the cables to get around that one.

    Would probably be simpler for them to move to their mobile phones...

    Spice (1) flagReport
    Was this post helpful? thumb_up thumb_down
  • Or just punish the kids.  Were this an employee, they would be fired on the spot.

    Spice (2) flagReport
    Was this post helpful? thumb_up thumb_down
  • Da_Schmoo wrote:

    Or just punish the kids.  Were this an employee, they would be fired on the spot.

    Punishing would be good......

    BUT.....

    challenging them to learn more about networking, while they are trying to find a way around the limitations,,,,,,has also some value.

    1 found this helpful thumb_up thumb_down
  • Thanks for the replies everyone
    I have the new Mac address plus the internal IP address yesterday for the machine in the firewall. So if he has changed the Mac address last night, the ip address will still block internet access.
    I will check if he has been so smart that he has set a static ip last night 🤣 🤣 will check a bit about DHCP reservation and VLan 😊

    Was this post helpful? thumb_up thumb_down

Read these next...