Vague title, but read below, its my only thought so far.
In january I had a user with an iphone on my network repeatedly doing the wrong thing, I wont go into detail. This user was repeatedly warned, but continued this activity stating "I will continue to do this". I copied down the mac address and after one final warning kicked the user which led to a major tantrum and smashing the phone on my desk... its still here... in pieces. I unbanned the mac address at the time thinking there was no threat.
In about july the user turned up with a new phone and had access to the network. I assumed one of the other admins let him on. It was explained to him that repeating the previous behaviour would result in a permanent ban, no third chances.
I went to the access list and copied down the new mac address, and bugger me, it is the same as the OLD phone... the same phone still sitting in pieces on my desk. I spoke to the other admin and they said they didnt give access.
The user does not in any way have the skill set to clone mac addresses, and it is extremely unlikely has friends who would.
There is a very very very slight chance I screwed up, blocked the wrong phone (he may have had two) or stuffed some sort of blocking up. Things were pretty stressed back then (approximately march).
Is there any way possible the mac address could have been cloned somehow through icloud or some ported settings? I think wifi access passwords can be so that makes me think I may have blocked the wrong phone.
Any suggestions welcome
No comments:
Post a Comment