Way to block PC on LAN

Discussion in 'Computer Security' started by gabbey.maps, Aug 16, 2007.

  1. gabbey.maps

    gabbey.maps Guest

    On a 192. subnet, there's a PC that I would like to block (stop all
    communication to and from) using a software app or applet. What lean and
    mean software will do this? and should the IP or MAC address be blocked?

    -G
     
    gabbey.maps, Aug 16, 2007
    #1
    1. Advertisements

  2. gabbey.maps

    Todd H. Guest

    Why?


    It'll help answer your question.

    Indicating what platform said PC is running would be helpful.

    If you post a more answerable question, I'm sure you'll get great info
    here. As of right now, all I can recommend based on what you've said
    is that disconnecting the network cable from this machine would be the
    most effective method of achieving your stated goal.

    Best Regards,
     
    Todd H., Aug 16, 2007
    #2
    1. Advertisements

  3. If the PC is set to DHCP, put a bogus DHCP reservation in for the PC's
    MAC address - ie. 1.2.3.4. That may help :)
     
    Steve Williamson, Aug 16, 2007
    #3
  4. gabbey.maps

    gabbey.maps Guest

    Well.. a friend is on the LAN now and I cannot trust or know what he/she
    has done on the wide area previously, and therefore do not want and
    communication with that NIC.
    My platform is Win2k Pro and the other one is WinXp Home.
    I've found a way.. the other PC is running Sygate and I simply made up
    a rule to BLOCK my mac addr for everything. Kinda' a reverse firewall
    rule. Does that sound ok to you? Only problem is that Sygate crashes a
    lot on that machine.. rendering the rule ineffective.

    -G
     
    gabbey.maps, Aug 16, 2007
    #4
  5. gabbey.maps

    Todd H. Guest

    Fair enough. Why must you share a LAN with him?

    Regardless, treat him as a bid bad internet user and throw $50 at your
    own firewall/router/home gateway.

    k.
    Exactly.

    I'd recommend an inexpensive network appliance between you and the
    threat as a first layer of protection. Zonealarm or Blackice as a
    client firewall on both of your machine might add some depth to that.

    Where is this LAN such that an untrusted friend has been added to it,
    and who owns it?
     
    Todd H., Aug 17, 2007
    #5
  6. (Todd H.) (07-08-16 22:36:18):
    I find this a rather insecure solution, since the host user can just
    disable the rule, change their IP and MAC addresses and be back on the
    network. Besides disconnecting the cable (which is probably the best
    idea), you should make up a white-list for communication, instead of a
    black-list, probably coupled with a secure VPN.


    Regards,
    Ertugrul Söylemez.
     
    Ertugrul Soeylemez, Aug 17, 2007
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.