Intruder, use my MACs and trying my IPs, how to prevent??

rado3105 · July 8, 2008, 3:38pm

Hi, somebody is using MAC addresses and trying my IPs, I use 802.11g, no encryption. Only people in wirelless access list can connect. For MAC+IP I use this rule in firewall:

23   ;;; VL(MAC+IP)
     chain=forward action=accept src-address=192.168.7.14 
     src-mac-address=00:4F:62:10:4D:91 

24   chain=forward action=log src-mac-address=00:4F:51:10:4D:91 
     log-prefix="changed-ip-VL" 

25   chain=forward action=drop src-mac-address=00:4F:51:10:4D:91

This is from log:

17:29:51 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 192.168.76.7:137->192.168.7.255:137, 
    len 96 
17:29:51 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 192.168.7.73:137->192.168.7.255:137, 
    len 96 
17:29:51 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 192.168.76.73:137->192.168.76.255:137, 
    len 96 
17:29:51 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 192.168.76.7:137->192.168.7.255:137, 
    len 96 
17:29:52 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 192.168.76.7:138->192.168.7.255:138, 
    len 201 
17:29:52 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 192.168.7.73:138->192.168.7.255:138, 
    len 201

Can you help how to prevent from this? How can he got my MACs and IPs(sniffing my network?)

rado3105 · July 8, 2008, 3:42pm

17:40:44 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 111.111.111.1:138->111.111.111.255:138, 
    len 202 
17:40:44 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 111.111.111.1:137->111.111.111.255:137, 
    len 78 
17:40:44 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 111.111.111.1:137->111.111.111.255:137, 
    len 78 
17:40:45 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 111.111.111.1:137->111.111.111.255:137, 
    len 78 
17:40:45 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 111.111.111.1:137->111.111.111.255:137, 
    len 78 
17:40:46 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 111.111.111.1:137->111.111.111.255:137, 
    len 78 
17:40:46 firewall,info info: changed-ip-ZI forward: in:Local out:Local, src-
    mac 00:02:72:6f:34:d7, proto UDP, 111.111.111.1:137->111.111.111.255:137, 
    len 78

seems that he tries IPs, my network is 192.168.7.0/24