I want to know something about mac spoofing or mac cloning.

we offer trial on our hotspot and when a guest tries network it can use internet for 30 minutes and after it he changes mac address and then can use it again, it is a one case, many pirates try to get access to the registered user via changing mac address , is their any solution of this?

is their any way to block the pirates? what's the best solution?

One way is to use Layer2 switches but you say "guests" which mean not static user. for certain users which you know them one way is to use arp but for this issue . . .

No, you have no way of preventing people from changing their MAC address and going after a free account. Removing the trial account is likely the best that you can do, or make it very restrictive. It is their computer under their control, you have no access or control over it so you can't prevent them from doing anything to their machine. I believe there are switches out there that won't pass traffic from unknown MAC addresses, but if you are in a hotspot situation that is too big of a pain to manage or have anything to do with, not to mention the costs.

Is there any way to use other characteristic like Computer name or something else which they can't change them or don't think about it?

Nope, hotspot is a layer2/3 function, host names and the like don't enter into that or the process, so would be unavailable to the server. Also computers can and often do have the same host names, so blocking based off of that would cause a lot of problems.

If you don't want people abusing the free access system you need to lock it down a lot, or remove it. Then to prevent people from stealing access from legitimate people, you need to set up the client isolation on the layer2 portion of the network to prevent them from doing so. The only other real option open to you is living with them and dealing with it the best that you can.

Not a real solution, but it's something.
You could make a seperate hotspot profile for trial users and run a script which sends you an e-mail on each trial login.
This way, you at least "see it" when you get continued trial logins from the same hotspot. If it happens you could (temporary?) disable trial logins.

Kind regards
B


Report this post

Hey,

To expand on that, could you give an example of a script to report / log trial logins. We also offer 1/2 hour free, but will just have to put up with users technical enough to change MAC address.. however, we would like to run a script that would compile a list of trial users, lookup the hostname to mac address and then email or log this somehow.

任何人有任何搁浅船受浪摇摆estions for how to start / formulate such a script?

cheers