From owner-freebsd-security Fri Jul 2 2:42:47 1999 Delivered-To: freebsd-security@freebsd.org Received: from florence.pavilion.net (florence.pavilion.net [194.242.128.25]) by hub.freebsd.org (Postfix) with ESMTP id 5646314C04 for ; Fri, 2 Jul 1999 02:42:44 -0700 (PDT) (envelope-from joe@florence.pavilion.net) Received: (from joe@localhost) by florence.pavilion.net (8.9.2/8.8.8) id KAA30209; Fri, 2 Jul 1999 10:42:40 +0100 (BST) (envelope-from joe) Date: Fri, 2 Jul 1999 10:42:40 +0100 From: Josef Karthauser To: Dag-Erling Smorgrav Cc: Snob Art Genre , Bill Fink , freebsd-security@FreeBSD.ORG Subject: Re: your mail Message-ID: <19990702104239.X69050@pavilion.net> References: <19990702095858.V69050@pavilion.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: ; from Dag-Erling Smorgrav on Fri, Jul 02, 1999 at 11:24:04AM +0200 X-NCC-RegID: uk.pavilion Organisation: Pavilion Internet plc, 24 The Old Steine, Brighton, BN1 1EL, England Phone: +44-845-333-5000 Fax: +44-845-333-5001 Mobile: +44-403-596893 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Jul 02, 1999 at 11:24:04AM +0200, Dag-Erling Smorgrav wrote: > Josef Karthauser writes: > > As an associated thing can anyone think of an easy way of ignoring traffic > > coming from a particular MAC address on the network? I've got a user who > > keeps changing their IP address to get arround the fact that I've restricted > > traffic to that address. > > So terminate him. Ah, if only life were that simple ;) There are laws against that kind of thing :o). He's on a local area network that I'm part of. I provide routed access to the internet, but he's allowed access to the network to connect to other users (this is at home, not at work - he rent's a room from me.) The problem is that he's running Internet Explorer 5 in stupid "go on line for no reason at all" mode and until he's either un-installed it, or fixed the problem I've told him that I'm shutting down his internet access. That said he's been a naughty boy and changed his IP address a couple of times to other people's. He thinks that I don't know, but of course I've got changing ARP addresses. What I'd like to do now is ignore his MAC address on the server instead to get around this. (I could disconnect him from the network but that's harder to police.) Joe -- Josef Karthauser FreeBSD: How many times have you booted today? Technical Manager Viagra for your server (http://www.uk.freebsd.org) Pavilion Internet plc. [joe@pavilion.net, joe@uk.freebsd.org, joe@tao.org.uk] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message