• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Switch configuration

Status
Not open for further replies.
user234a

user234a

PCHF Member
May 20, 2022
3
1
113
#1
Hi all, I am trying to learn network security to stop a user on my wifi who is not obeying the rules (streaming only no other users) I implemented open dns and have used my routers limited mac functionality to prevent others from gaining access and have set up static ips with only a certain number of ips needed to allow all devices to connect, the open dns certainly has stopped them accessing sites like a charm however it was this that tipped me off to the fact somebody else is using the network and and the only way possible to my limited knowledge would be for this person to pass his mac address on for someone to clone. I have done some research 802.1x certifcates radius server etc and decided I can get a managed switch with port security. but here is where I am a little confused, the switch will be configured to run one port to a access point how do I configure the switch to only allow one mac or multiple without clones from the AP and not shutdown the port if a cloning attempt occurs? probaly a very noob question this, any help or a pointer in th right irection would be appreciated :) .
ps. I fear the will soon start using a vpn to bypass dns blocking, can a protect li firewall/router and pfsense prevent this?
 
#3
What you are asking goes above what I know, if it were a particular machine I could help lock it down.

As far as Mac address filtering that would be the best way to go, and a cloned Mac address could work but in my experience when there is a cloned device on at the same time it really slows things down for the cloned device, almost to the point of unusable.

There are programs that can block via hosts file, and I'm not certain that a VPN would circumvent that or not. That would not help with a phone tho... Also, you would need to install this on the persons machine and disable them being able to uninstall it.


www.sordum.org

BlueLife Hosts Editor v1.3

BlueLife Hosts editor is a Portable freeware to simplify "hosts" file editing Process, you can Speed up most visited webpages or block unwanted domain names.
www.sordum.org www.sordum.org
www.sordum.org

AskAdmin v2.0

AskAdmin is a quick and practical solution to restrict (block) Applications from being executed in Windows, drag and drop any App to block it
www.sordum.org www.sordum.org

Pretty much I do not think this is what you want, but just shooting in the dark here and maybe this will help you.
 
#6
I would have suggested a Cisco Meraki or a Sophos XG firewall, coupled with a good managed switch, say by Ubiquiti and using their Controller software to lock down each port on the network.
but for home use, they are usually out of peoples price range.
 
  • Like
Reactions: Malnutrition
Status
Not open for further replies.
Top Bottom
Back
Forums
Resources
Menu