How to block ip and mac address that is located in a network is easier in Linux. What is clear, we already know the ip address and mac Address used by the target.
Scan
To know the ip address and MAC Address target, do the scanning on the network first. The first step can be done is to do a scan with the help of ping and arp.
root @ zhane: ~ # ping-b-c 2-W 1 10.0.2.255
& /dev/null & done" onmouseover="this.style.backgroundColor='#ebeff9'" onmouseout="this.style.backgroundColor='#fff'">root @ zhane& /dev/null & done" onmouseover="this.style.backgroundColor='#ebeff9'" onmouseout="this.style.backgroundColor='#fff'">: ~ # for i in $ (seq 1 254); do ping-c 2-W 1 10.0.2. $ i> & / dev / null & done
root @ zhane: ~ # arp | grep eth
Results last from arp table will show you where my ip address is active along with its MAC Address in the 10.0.2.x ip net, other methods for scanning your ip is to use nmap tools.
root @ zhane: ~ # nmap-sp-PI-PT 10.0.2.1/24
by doing nmap to one ip address on a network, then the ip address of the other (active) can be found.
Block Ip
To do bloc ip, please use the iptables command as follows:
root @ zhane: ~ # iptables-I INPUT-s 10.0.2.212-j DROP
The above example is the command to block ip 10.0.2.212 to server. To delete orders,
root @ zhane: ~ # iptables-D INPUT-s 10.0.2.22-j DROP
Block MAC Address
To block MAC Address, actually almost the same.
root @ zhane: ~ # iptables-A INPUT-m mac-mac-source 00:00: b4: aa: c1: 34-j DROP
and to delete them, just run the same command by changing the option-A (add) becomes-D (delete)
root @ zhane: ~ # iptables-D INPUT-m mac-mac-source 00:00: b4: aa: c1: 34-j DROP
Hopefully useful ..
No comments:
Post a Comment