Re: Blocking access to a network

shay wrote:

> Hi all,
> I have a Netgear DG834 ADSL Firewall Router with 4 PC connected to it.
> I have set the router to reserve IP's to certain mac addresses eg
> ip's ending 2 - 5.
>
> I have set the router to as a DHCP Server for ip's starting 2 -
> ending 5 so I think in theory no one else could connect to the router
> as there ar no more ip's in the pool.
>
That is true. However, since the router is not a wireless router where a
wireless attacker could obtain a DHCP IP from the router for their machine
to exploit a wireless connection is when limiting the number of DHCP IP(s)
that can be issued by the router would really mean anyting.
  
> The person that uses computer on ip No 3 has decided to pull out of the
> network (as we all split the costs) so I want to stop him from simply
> reconnecting and using the network.
>
> I have set the firewall to block all traffic on this IP. Eg
>

So, what if the person was able to get on to your network and uses one of
the router's static IP(s) where he configured the NIC on his or her
computer and used a static IP? A static IP is any IP on the router that is
not controlled by the DHCP server on the router.

Of course, if the router had MAC filtering, you could block the machine's
access to the Internet, since all NIC(s) have an unique MAC. But if you
blocked by MAC, he or she could always change the NIC on their machine.

Hopefully, the person is not savvy enough to come around the blocking of the
IP for the rules you have set.

Duane :)

 
Received on Thu Sep 29 19:53:31 2005