How to check if a device is centrally blocked from network connection

Expand All

Devices sending more than 360 ARP requests per minute will be identified by MAC address and COWLS FroDos will not respond to further ARP requests from this MAC address for 1 hour.

A record of devices detected as exceeding this threshold is available to registered ITSS in Teams > ITSS Community > Technical > Files > arp source-mac attacks detected.

Further information

Rationale and technical background for this scheme were shared on the itss-discuss maillist at its inception in November 2021.

Devices generating traffic that is alleged or suspected to arise from a security compromise or illegal use of the device may be blocked by MAC address on request of OxCERT.

There is currently no means for registered ITSS to check if a specific MAC address has been blocked in this way.

Other types of restriction may be implemented on centrally-managed networks. These include:

  • Blocking an individual's remote access account, affecting their use of eduroam and OWL WiFi, Oxford VPN, and some college/department network services
  • Blocking selected types of network traffic regardless of the device or user

Get support


Local IT support provides your first line of on-the-spot help

FIND MY LOCAL IT TEAM

 

Common requests and fault reports can be logged using self-service

   USE IT SELF-SERVICE      

   LOG A SUPPORT CALL     

VIEW MY SUPPORT CALLS  

 

The Central IT Service Desk is available 24x7 on +44 1865 6 12345

If you do not have access to your Single Sign-On, you can use this form to contact the Service Desk