How to block Mac changer Program?

Discussion in 'Tomato Firmware' started by piyaphon, Mar 28, 2008.

  1. piyaphon

    piyaphon LI Guru Member

    How to block Mac changer Program? Or I can block computer name?
  2. sillydoh

    sillydoh LI Guru Member

    Use WEP or better yet, WPA... MAC filter is at best only one step better than unprotected. WEP isn't too far ahead either....
  3. danix71

    danix71 LI Guru Member

    Please explain.
  4. kevanj

    kevanj LI Guru Member

    My guess is the OP is having a problem with someone using a program like this:

    and wnts to know how to block traffic from the computer that keeps changing it's MAC address, probably in an effort to cirumvent MAC address blocking that the OP has put in place.

    Certainly you can't 'block the MAC address changing program', but some scripting might do the trick...a cron job to ping the machinename (if you can resolve it from the router), extract the IP, then replace a rule in iptables by inserting the IP derived from the ping command might be implementable...unfortunately I am not a scripter...maybe I'll learn... :smile:
  5. Kiwi8

    Kiwi8 LI Guru Member

    The marginal benefit of using MAC Filtering is simply not enough for the effort used in implementing it. U are better off using WPA/WPA2 encryption.
  6. sillydoh

    sillydoh LI Guru Member

    True. Mac filtering/WEP isn't that bad as a first line of protection since that will keep out most everyone and likely try someother unprotected router. However, once you find someone determined to use your router, then it's time to use WPA...
  7. JensG

    JensG Network Guru Member

    You can try the script generator:

    to make a script that will only give bandwidth to the MAC addresses that are entered.
  8. kevanj

    kevanj LI Guru Member


    if you ever come back....

    Tomato has the ability to block based on MAC it seems you are trying to block a computer where the MAC address keeps changing. Assuming this computer is on your internal LAN, why not just use the Access Restriction page to create arule that will deny all Internet access to any MAC other than those you want to have access. Collect a list of all the devices that you wish to allow access to the internet, create a rule that denies access 'All Day, Every Day' to 'All Except', and enter your list. The only way your 'bad guy' will be able to access the internet will be to spoof the MAC of a machine already on your network. It's not perfect, but it might help....
  9. sillydoh

    sillydoh LI Guru Member

    I assumed that was what he was talking about. A person using a mac changing program sounds like someone who's trying to spoof an address to gain access to the router that's been set to allow access to only certain computers/mac addresses...

    (I guess it would help if he actually went into a little more detail on what he was doing.. Like if he's restricting access to only certain mac addresses or if he's blocking certain mac addresses from access...)
  10. TexasFlood

    TexasFlood Network Guru Member

    I used to allow only certain MAC addresses, hoping it would add some security when I was only doing WEP encryption. I still had one client device that couldn't do WPA. While it adds some security, it does little to stop the determined. At one tiime MAC spoofing was harder but you have assume now that anyone can spoof any MAC and there is no way to tell. After I went to WPA with a strong key, I turned off the MAC filtering since it's a pain to maintain and figured I was losing nothing of value.
  11. LLigetfa

    LLigetfa LI Guru Member

    My guess is the OP is trying to restrict bandwidth by MAC/IP and someone that has access is getting around the restrictions. Either that or the OP is running an open AP and trying to blacklist abusers.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice