Way to block PC on LAN

Discussion in 'Computer Security' started by gabbey.maps@bkwds.dynanet.com, Aug 16, 2007.

  1. Guest

    On a 192. subnet, there's a PC that I would like to block (stop all
    communication to and from) using a software app or applet. What lean and
    mean software will do this? and should the IP or MAC address be blocked?

    -G
    , Aug 16, 2007
    #1
    1. Advertising

  2. Todd H. Guest

    writes:

    > On a 192. subnet, there's a PC that I would like to block (stop all
    > communication to and from)


    Why?


    It'll help answer your question.


    > using a software app or applet. What lean and mean software will do
    > this? and should the IP or MAC address be blocked?


    Indicating what platform said PC is running would be helpful.

    If you post a more answerable question, I'm sure you'll get great info
    here. As of right now, all I can recommend based on what you've said
    is that disconnecting the network cable from this machine would be the
    most effective method of achieving your stated goal.

    Best Regards,
    --
    Todd H.
    http://www.toddh.net/
    Todd H., Aug 16, 2007
    #2
    1. Advertising

  3. On Aug 16, 3:59 pm, (Todd H.) wrote:
    > writes:
    > > On a 192. subnet, there's a PC that I would like to block (stop all
    > > communication to and from)

    >
    > Why?
    >
    > It'll help answer your question.
    >
    > > using a software app or applet. What lean and mean software will do
    > > this? and should the IP or MAC address be blocked?

    >
    > Indicating what platform said PC is running would be helpful.
    >
    > If you post a more answerable question, I'm sure you'll get great info
    > here. As of right now, all I can recommend based on what you've said
    > is that disconnecting the network cable from this machine would be the
    > most effective method of achieving your stated goal.
    >
    > Best Regards,
    > --
    > Todd H.http://www.toddh.net/


    If the PC is set to DHCP, put a bogus DHCP reservation in for the PC's
    MAC address - ie. 1.2.3.4. That may help :)
    Steve Williamson, Aug 16, 2007
    #3
  4. Guest

    On 16 Aug 2007 09:59:48 -0500, (Todd H.) brought the
    following to our attention:

    > writes:
    >
    >> On a 192. subnet, there's a PC that I would like to block (stop all
    >> communication to and from)

    >
    >Why?


    Well.. a friend is on the LAN now and I cannot trust or know what he/she
    has done on the wide area previously, and therefore do not want and
    communication with that NIC.

    >It'll help answer your question.
    >
    >> using a software app or applet. What lean and mean software will do
    >> this? and should the IP or MAC address be blocked?

    >
    >Indicating what platform said PC is running would be helpful.


    My platform is Win2k Pro and the other one is WinXp Home.

    >If you post a more answerable question, I'm sure you'll get great info
    >here. As of right now, all I can recommend based on what you've said
    >is that disconnecting the network cable from this machine would be the
    >most effective method of achieving your stated goal.
    >
    >Best Regards,


    I've found a way.. the other PC is running Sygate and I simply made up
    a rule to BLOCK my mac addr for everything. Kinda' a reverse firewall
    rule. Does that sound ok to you? Only problem is that Sygate crashes a
    lot on that machine.. rendering the rule ineffective.

    -G
    , Aug 16, 2007
    #4
  5. Todd H. Guest

    writes:

    > On 16 Aug 2007 09:59:48 -0500, (Todd H.) brought the
    > following to our attention:
    >
    > > writes:
    > >
    > >> On a 192. subnet, there's a PC that I would like to block (stop all
    > >> communication to and from)

    > >
    > >Why?

    >
    > Well.. a friend is on the LAN now and I cannot trust or know what he/she
    > has done on the wide area previously, and therefore do not want and
    > communication with that NIC.


    Fair enough. Why must you share a LAN with him?

    Regardless, treat him as a bid bad internet user and throw $50 at your
    own firewall/router/home gateway.


    > My platform is Win2k Pro and the other one is WinXp Home.


    k.

    > I've found a way.. the other PC is running Sygate and I simply made up
    > a rule to BLOCK my mac addr for everything. Kinda' a reverse firewall
    > rule. Does that sound ok to you? Only problem is that Sygate crashes a
    > lot on that machine.. rendering the rule ineffective.


    Exactly.

    I'd recommend an inexpensive network appliance between you and the
    threat as a first layer of protection. Zonealarm or Blackice as a
    client firewall on both of your machine might add some depth to that.

    Where is this LAN such that an untrusted friend has been added to it,
    and who owns it?

    --
    Todd H.
    http://www.toddh.net/
    Todd H., Aug 17, 2007
    #5
  6. (Todd H.) (07-08-16 22:36:18):

    > > I've found a way.. the other PC is running Sygate and I simply made
    > > up a rule to BLOCK my mac addr for everything. Kinda' a reverse
    > > firewall rule. Does that sound ok to you? Only problem is that
    > > Sygate crashes a lot on that machine.. rendering the rule
    > > ineffective.

    >
    > I'd recommend an inexpensive network appliance between you and the
    > threat as a first layer of protection. Zonealarm or Blackice as a
    > client firewall on both of your machine might add some depth to that.


    I find this a rather insecure solution, since the host user can just
    disable the rule, change their IP and MAC addresses and be back on the
    network. Besides disconnecting the cable (which is probably the best
    idea), you should make up a white-list for communication, instead of a
    black-list, probably coupled with a secure VPN.


    Regards,
    Ertugrul Söylemez.


    --
    Security is the one concept, which makes things in your life stay as
    they are. Otto is a man, who is afraid of changes in his life; so
    naturally he does not employ security.
    Ertugrul Soeylemez, Aug 17, 2007
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Alexis Crawford
    Replies:
    4
    Views:
    547
    Alexis Crawford
    Nov 14, 2003
  2. Neil
    Replies:
    174
    Views:
    3,210
    Briscobar
    Apr 17, 2006
  3. .
    Replies:
    1
    Views:
    8,921
    pcbutts1
    Jun 29, 2005
  4. WebWalker

    Block Internet Sharing in Lan

    WebWalker, Jan 25, 2005, in forum: Computer Information
    Replies:
    4
    Views:
    16,906
    Duane Arnold
    Jan 25, 2005
  5. John John

    AMD Opteron: 1-way, 2-way, ... Up to 8-way.

    John John, Dec 24, 2005, in forum: Windows 64bit
    Replies:
    12
    Views:
    763
    Tony Sperling
    Dec 27, 2005
Loading...

Share This Page