LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-30-2004, 07:30 AM   #1
ciop
LQ Newbie
 
Registered: Feb 2004
Location: Bucharest
Posts: 3

Rep: Reputation: 0
Router - Access Restriction


The situation looks like this: (it's highly technical challenging and "human resource" deffective ...)

There is a LAN in which the computers are located in appartments.
In one appartment there is a linux router that gives access to the network for some computers , and to the network and Internet for other computers.
One bum that only has network access is scanning the network , finding out what IP/MAC addresses are used , changes his own IP/MAC ... and goes out to the Internet without being allowed to.

Besides the highly subjective nature af the issue ... how can I restrict this bum from accessing the Internet ?

I don't have a layer 3 swhitch and he has absolute rights over his own computer ... so the only way would be to restrict him from the router.(other than unplugging him from the switch).

I'm all out of ideas so please jump in with a thought.

Thank you !

P.S. Making fun of me for letting myself get in a situation like this ... is deffinetly allowed.
 
Old 10-30-2004, 09:36 AM   #2
m00t00
Member
 
Registered: Sep 2004
Distribution: Slackware 10, Gentoo
Posts: 292

Rep: Reputation: 30
well theres a number of solutions, have you tried the "big stick and a tire iron" way?
 
Old 10-30-2004, 11:00 AM   #3
neilman
Member
 
Registered: Oct 2004
Location: Northville, MI
Distribution: Slackware
Posts: 65

Rep: Reputation: 15
If he can clone a MAC and IP, and assume the role of any of the other computers on the network, you'll simply have to unplug him from the Ethernet switch. Unless your switch has the capabilities of assigning a specific IP address to a port, or a specific MAC address to a port, I'd just unplug him. Or, you can create a VLAN (virtual LAN) that isolates him, and him only, so that he cannot see the other computers on the network (this is usually a feature of higher end switches, or managed switches). An important thing to note is that attacks/exploits from the [i]inside[/b] are very tough to combat.. so agressive measures need to be taken. My first step, while trying to figure out the more technical methods that I've mentioned above, would be to disconnect him completely.
 
Old 10-30-2004, 11:28 AM   #4
m00t00
Member
 
Registered: Sep 2004
Distribution: Slackware 10, Gentoo
Posts: 292

Rep: Reputation: 30
Like I said. Big stick and a tire iron...
 
Old 11-01-2004, 10:27 PM   #5
shmude
Member
 
Registered: Aug 2003
Distribution: Fedora, DSL, LAS, Knoppix
Posts: 83

Rep: Reputation: 15
What about installing another NIC in the router and then attatch that specific computer to the nic (or though another switch/hub). Then you should be able to block his access to the internet. Set it up something like this

NIC 1: Internet
NIC 2: Bad Guy
NIC 3: Rest of network


Then restrict the bad guy nic from accessing the internet, but ok to access rest of the network, The rest of network can access the internet.
Something like this should work for you. It would be helpful to know what routing software you are using too.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid Access Timing Restriction problem gurusmaran Linux - Security 1 10-19-2005 02:03 AM
Linux Filesystem access restriction Pico_01 Linux - General 5 07-07-2005 12:34 PM
CVS access restriction pedrosan Linux - Software 0 05-21-2004 03:33 AM
Can't Access Outside of my Router kasb Linux - Networking 9 10-26-2003 07:56 PM
Telnet Access Restriction mocha Linux - Networking 1 09-16-2001 02:17 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:36 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration