Posted by: Recon Number 54
Unless you load an active app onto the client that queries the local client hardware for the information and then sends it back to the server.
Which IMO is classic malware/spyware, which would be unethical to use.
Late Edit: But your point being, that it would also be unusable on the server side to then deny traffic, since the traffic doesn't have the MAC information embedded.Not necessarily.
It will likely have a MAC address if the local network on the server-side is using Ethernet, but the address will be the source address of the physical device connected to the other end of the cable from the network adaptor (NIC), such as a router.
Posted by: Alec9224
Ah, I was thinking that the ethernet frame was encapsulated, not replaced entirely as you work your way up the OSI model, but now that I think about it more I think you're right.
How would people go about getting around an IP ban? Obviously you can release and renew you address on a local machine or simply set it statically, but doesn't the ISP issue one public address for your modem? All addresses on the LAN are being mapped to the one public address using NAT, so banning the public address should block everything on the LAN.That would be PAT (Port Address Translation), where you overload a single address by assigning unique port numbers managed by the router.
An alternative is a NAT address pool, where a range/multiple addresses are chosen from a pool of addresses on the router to use as global address. This is what large organisation such as a university might use, and is why I have an issue with people saying things like "banning the whole school" or something to that effect.