Ip Blocker For Mac

Posted onby

Solved: Hi all, I need to block this mac address in my 3550 switch. I enable port security but this mac address comes and do the violation and port is shut down. 3408.0499.981c - this is mac. Like Ethernet, 802.11 makes use of a device's MAC address to uniquely identify it on the network. However, it's trivial to change the MAC address of a wireless interface under most operating systems. Overview MAC address filtering is more secure than IP address filtering, as MAC addresses are rarely changed. In an environment with DHCP, the IP addresses of hosts change dynamically, so filtering MAC addresses is more reliable and feasible to identify and filter the source and destination of network traffic.

  1. Top 10 Ip Blockers
  2. Beethink Ip
  3. Best Ip Blocker For Mac
  4. Beethink Ip Blocker For Mac
  5. Ip Blocker For Mac Os X

Of all the metaphors used to describe the internet, one of the most appropriate might be the “Wild West.” The Wild West, just like the internet, was expansive and difficult to regulate, and filled with bandits and marauders who would take advantage of someone without batting an eye.

While technological progress has fortified internet security, in reality there are still many ways for bad actors to infiltrate a business or person’s website, email, or online persona in order to wreak havoc.

Just as it would have been in the Wild West, it’s important to learn how to protect yourself from external threats. The basic security offered by internet servers can ward off some infiltration attempts, but often crafty criminals slip through the cracks.

Learning how to identify and block the IP address of an online pest is perhaps the best way to improve your security on the internet.

It all starts with a great domain. Get yours at Domain.com.

What is an IP Address?

Blocking IP addresses might be the most effective way to bolster your internet security, but what good is that knowledge if you don’t know what an IP address is?

The best way to think of an IP address is by comparing it to a street address. Think about your place of residence—you receive bills, packages, and guide friends to your house by giving them a combination of numbers and letters. That combination—your address—is used to single out your location in relation to all other possible locations.

IP addresses work in the exact same way.

  • Each device that’s connected to the internet is assigned a unique IP address.
  • A device’s IP address allows the device to interact with, receive information from, and otherwise contact other devices and networks on the internet.

Simply put, an IP address places internet users on the grid. Without it, they would be unable to communicate with other networks.


What do IP Addresses Look Like?

Even though most internet users connect to the internet using an IP address on a daily basis, the vast majority of people don’t know what an IP address looks like.

There are two forms that an IP address can take. The first is IPv4, which stands for “Internet Protocol version 4.” The second is IPv6, which stands for — can you guess? — “Internet Protocol version 6.”


Invented all the way back in the 70s, IPv4 was the first wave of IP addresses. Most devices are still connected to the internet using an IPv4 address, but that started to change in 2011 with the release of IPv6.

  • IPv4 addresses are composed of four numbers between 0-255, separated by dots or periods.
  • An IPv4 address might look like:

From the inception of the internet, IP addresses were provided using the IPv4 model. However, all of the available IPv4 addresses have been allocated, necessitating the move to IPv6.


On June 6, 2012, IPv6 was launched by organizations like the Internet Society, among others. IPv6 addresses use a hexadecimal digit system, separates groups using colons, and may include letters.

  • The number of conceivable IPv6 addresses is enormous and won’t run out anytime soon.
  • An IPv6 address might look like: 2001:0db8:85a3:0000:0000:8a2e:0370:7334.

The complexity of an IPv6 address means that the internet will be prepared to host an even larger number of connected devices in the future.

Why Block an IP Address?

There are several reasons a business, educational institution, or internet user would attempt to block an IP address. In general, the most common reasons are:

  • Blocking Bots, Spammers, and Hackers: When bots, spammers, and hackers attempt to infiltrate your website, it can put a heavy strain on your bandwidth and decrease the speed with which you and other users can access your website. If you run a business online, this can be detrimental to sales.
  • Limiting Website Access: Many academic institutions and businesses use IP blocking to limit the websites that students or employees can visit. The goal is typically to increase productivity by limiting distractions.
  • Protecting Data: Hackers often attempt to infiltrate websites to steal data or other important information. That information can be used to blackmail or otherwise undermine a company.
  • Maintaining Confidentiality: Many academic institutions and companies who keep sensitive records—like transcripts, health records, etc.—are regularly targeted by hackers. Identifying threatening IP addresses and placing them on a blacklist is an essential step to keep those records safe and confidential.

This list should only be seen as the tip of the iceberg. There are countless reasons that an individual or organization might want to block certain IP addresses, and there should be no underestimating how malicious certain internet hackers can be.

How to Block an IP Address

Ultimately, blocking an IP address allows administrators and website owners to control website traffic. The process of blocking an IP address—or several—changes depending on the operating system that’s being used.

While there are several different operating systems, the most common are Windows and Mac. We’ll cover the steps for blocking an IP address using both of these systems, which achieve the same goal through slightly different means.

Blocking an IP Address for Mac Users

To block an IP address on your Mac computer, you’re going to need access to your wireless router (or LAN router, which connects to the internet using an Ethernet cable). Knowing the password is essential, which can often be found printed or stuck on the outside of the modem.

  1. System Preferences: Find the Apple menu, represented as the Apple logo in the top left corner of your computer screen. Open the dropdown menu and select “System Preferences.” Once your System Preferences menu appears, find the icon labeled “Network.” Then, press the “Advanced…” bar at the bottom of the screen. Navigate to the TCP/IP tab, where you should find your IPv4 or IPv6 address.
  2. Access Router: Next, you’re going to have log into your router. Again, password information can typically be found on the outside of the router, but if you’re having trouble you can always contact your network administrator.
  3. Restrict Access: Once you’ve logged into your router, a list of enabled and disabled IP addresses should appear. From there, most routers will give you the option to deny access to unique IP addresses or an entire range of addresses. You should also have the option to block a website. After blocking the IP address, your network will be protected from that address.

Blocking an IP Address for Windows Users

Blocking IP addresses on a Windows computer requires going through the “Windows Firewall.” In tech terms, a firewall is a component that allows your computer to block access to your network without inhibiting your ability to communicate with outside networks.

This guide is going to explain how to locate and block the IP address of a website. Windows Firewall makes this a relatively simple process. If you already know the IP address you want to block, begin with step 3.

  • 1 – Locate Website to Block: Open your internet browser and locate the website you want to block. Highlight and copy everything that comes after the “www” in the web address.
  • 2 –Open Command Prompt: Navigate to your start menu and open “Command Prompt (Admin).” Paste the website’s web address into the first line of code. Command Prompt should respond by generating several lines of code, which should reveal the website’s IP address. Highlight and copy the IPv4 or IPv6 address. Return to your internet browser, paste it into the search bar, and press enter. Confirm that it takes you back to the website.
  • 3 – Open Windows Firewall: Open the start menu. Locate “Control Panel.” From there, find “Windows Firewall.” Open it.
  • 4 – Advanced Settings + Windows Inbound Rules: With Windows Firewall open, locate and click on “Advanced settings” on the left of the screen. Then, locate “Inbound Rules,” which should also be found near the top left of the screen. This should change the menu options. On the right portion of the window, find and click on “New Rule…”
  • 5 – New Rule: With the New Rule tab open, select the “Custom” option and press “Next.” Advance by pressing Next two more times, until you arrive at a window which asks “Which remote IP addresses does this rule apply to?” Click the option that reads, “These IP Addresses.”
  • 6 –Add IP Addresses: Click on the “Add…” button. From there, you can paste the website’s IP address (or any other IP address) into the box that reads “This IP address or subnet:” Repeat this process, adding all IP addresses you wish to block. Once they’re added, click “Next” at the bottom of the screen.
  • 7 –Block: Three options should appear on the next page. The bottom option will read “Block the connection.” Click this and advance to a page which prompts you to “Name,” the blocked IP addresses. After you’ve named it, press Next until the “Finish” bar appears. Click Finish.
  • 8 –Repeat Process with “Outbound Rules”: Return to the Advanced settings window and repeat the process you completed under “Inbound Rules” with “Outbound Rules.”

Once steps 1-8 are complete, the IP address or addresses that you’ve isolated will be blocked from your network.

Why Have I Been Blocked?

If you’ve attempted to visit a website and discovered that you’ve been blocked or have otherwise been denied access, there are several potential reasons.

The most common include:

  • Viruses in your Device
  • Software Extensions
  • History of Illegal Actions

Viruses in your Device

One of the most common reasons that IP addresses are blocked from accessing remote servers is because the remote server detects a virus contained within your IP address. It’s often the case that internet users don’t even know that they have picked up a virus.

Once you’ve removed the virus from your network, feel free to reach out to the website you attempted to access and explain why you should be removed from the blacklist.

Software Extensions

There are many ways to customize your internet browser. Some of the extensions that you can add will eliminate pop-up ads from websites or attempt to detect viruses that might be hiding within a website.

While there’s nothing illegal about adding extensions to your browser, some websites will ban users who run ad-blockers. They may see this as a disruption of their revenue flow.

History of Illegal Actions

If you have a history of conducting illegal activity online, many website admins will block your IP address as a preventative measure, deeming you untrustworthy. Online illegal activities may include illicit trade, activity in the dark web, or cyber-crimes.

Inappropriate Website Content

If you operate a website that contains potentially offensive content like pornographic material or illegal trade, you will likely be blacklisted from many websites on the grounds that your content is subjectively inappropriate.

While you may disagree with the decision of another admin to blacklist your website, there is often no way around the blacklist outside of a direct appeal to the admin.

It all starts with a great domain. Get yours at Domain.com.

Recapping How to Block an IP Address

To recap, IP addresses are used to connect devices to the internet at large. They help locate a connected device in relation to all other devices. By discovering the IP address of a device or website that is causing trouble to an internet user, that user can block the address using a rather straightforward process.

The process of blocking an IP address may change depending on the operating system that is used by the internet connected device. While there are more steps required for PC users, the process is equally straightforward, and perhaps even easier than the process required by Mac users.

If your IP address has been blocked, there are several possible reasons. The first, and most common reason, is that your IP address is associated with a virus—usually one that you’ve picked up by accident. By using antivirus software, you can purge that virus from your computer and then appeal to the website admin to remove you from the IP blacklist.

That’s why having a clear map of your IP address space enables you to identify your network parts quickly, and at the same time helps you manage the whole network in a more efficient way.

For security researchers, it’s the starting point of identifying potential vulnerable sub-networks and IP addresses, for performing deep reconnaissance tasks such as OS and service scanning, vulnerability scanning, and more.

That’s why today we’ll show you the top 10 IP scanner tools for better network management and IP address discovery-mapping.

7 Best IP scanner tools

Let’s take a look at the top IP scanner tools used by system administrators, network engineers and penetration testers.

1. Nmap IP Scanner

We can’t put any other tool in the number 1 spot. Nmap has been and will probably remain our favorite hacking tool for infosec research tasks, and that includes IP scanning as well.

We’ve written about Nmap before, back when we explored the best port scanners and showed how easy it is to scan any host when you’re seeking critical information such as open ports, OS version, and other pertinent details.

What many people don’t realize is that Nmap is the perfect tool for a network IP audit. So let’s use some Nmap commands and begin the process of discovering all the servers behind the network.

Here, we’re going to skip all port scans, using an option called “skip port scan”:

This is the expected output:

As you can see, no port scanning has taken place—instead we used Nmap to ping hosts and get a response from each one of them. This type of IP scanner feature is also called “ping sweep” or “ping scan”.

Performing this same scan on an Internet-connected server can yield a lot of interesting results.

Nmap can be installed in CentOS/RHEL and other Red Hat-based distros by using:

If you’re using Ubuntu/Debian, then this should do the trick:

Stay in the loop with the best infosec news, tips and tools

Follow us on Twitter to receive updates!

2. ARP Scan

The ARP Scan Tool is another great resource for creating a full IP address map of any network. Arp-scan is quite useful for discovering all hosts within a specific network, even those that are protected behind firewalls.

Installing this tool in Red Hat-based systems merely requires you to run:

Same for Debian/Ubuntu-based distros:

To perform an IP scan with this IP scanner tool, you’ll need to run the following command:

This is the expected output:

If you’re working with a wireless network, you can also specify the type of network to scan by using:

This will let arp-scan scan the interface wlan0; you can replace that with your real interface name. Here’s a quick example:

3. Angry IP Scanner

Angry IP Scanner is one of the most popular IP address scanner tools available. It isn’t command line-based, but GUI-based instead, letting you scan your network from a fancy visual interface. You’ll be able to scan IP addresses to detect live hosts, and at the same time gather critical information about each one of them.

The only requirement to make it work in Linux is having Java installed, which is easy in most distributions.

Installation on Linux can be performed by downloading the pre-compiled packages from this link¹

Then install Java and the RPM or Deb package, as follows:.



Once you’ve launch it from your desktop, you’ll see an easy-to-use interface that will allow you to scan IP ranges quickly, as shown here:.

4. Advanced IP Scanner

Advanced IP Scanner lets you scan your LAN and Wi-Fi network and give you real time information about all the connected devices. Apart from finding live hosts, it will also provide port scanning information, letting you build a complete IP address map of your entire network infrastructure.

Advanced IP Scanner features include:

  • Easy-to-use interface
  • Mac address detection
  • Fast network scanning speed
  • Can be run over remote desktop
  • Exports results into CSV format
  • Multi-platform support (Windows, Mac OSX and Linux)

Scanning an IP range is pretty easy: just launch the program, specify the range you want to scan and hit the Scan button. It will show you how many live hosts are found, as well as IP address, device description and assigned Mac address, as you see below:

You can download this app from the official website.²

5. ARP command

Arp command³ is one of the most useful networking commands every network engineer, sysadmin and pentester should know about. Surprisingly, not all professionals are aware of this simple yet powerful command.

That’s why it’s nabbed the fifth spot in our list of the top IP scanner tools. ARP stands for Address Resolution Protocol, and is used to display or modify the kernel IPv4 network neighbor cache.

How does it work? Simple, just pass -a option to display the full list of all known IP addresses found in your local network. You’ll also be able to detect the exact ethernet device associated with all the IP addresses.


This test was run in a real cloud server and it’s super easy to find the IP neighbors from your own network. Here, a little blur-effect has been applied to hide the real hosts and IPs, but this is pretty enough to show you the hidden power behind the arp command as IP scanner tool.

6. Fping

Fping is a popular IP scanner tool, but for more than “scanning,” this IP mapping tool was created to improve the old-fashioned ping command (although it’s somehow different). Fping utilizes ICMP echo requests to check if a remote host is live or not. Unlike the classic ping command, fping can be run against a large number of hosts and IP ranges. And that’s why so many system administrators and network engineers have chosen it as the perfect tool to quickly check how many hosts are live within a specified network.

You can pass several IP addresses or ranges, or make fping parse a text file and launch the ICMP echo request against each one of the listed IP addresses, or IP-range, as well as subnets.

Installation of fping on CentOS/RHEL distros:

For Debian/Ubuntu-based distros simply run:

How can you use it? Easy, just type:

That’s against an entire IP range; you can also specify a single IP instead.

At the end, it will display several useful stats about the results:

Top 10 Ip Blockers

7. SecurityTrails IP Scanner

Classic command line tools are great, as well as others that include visual interfaces, but they often come with disadvantages when you’re using them to scan remote networks. There’s actually a better way to do it, without the risk of getting blocked by firewalls or IDS.

Our SecurityTrails products involve IP exploration as the #1 basic feature, when you need to know the IP address of any domain name, when analyzing the open ports of an IP address, or when you need to get the associated domains or IP neighbors of any IP address.

That’s why it’s easy for us to show you all the information you need for a specific IP address. Let’s take a look:

Beethink Ip

You can also explore IP neighbors by clicking the ‘IP Neighbors to’ button. This option will display all the IP neighbors for the specified IP address, as shown in this screenshot:


Our free app and manual IP lookups will help you get IP scan results in seconds; however, when you need to automate the entire process, you’ll need the power of our SecurityTrails API.

Performing an IP scan with the SecurityTrails API

If you’re a developer or you’re working with a team of developers in your organization, you can take advantage of our IP scanning features and integrate this into your own applications.

For this goal, we offer the X endpoint, which will allow you to retrieve IP information within seconds by querying our intelligent API. This can be done with a simple request against our HTTP-based query system, using any client—such as curl, for example:

Just replace “your_api_key” with your real API key.

You can also integrate this with many popular programming languages like Python, Javascript, NodeJS, Go, PHP, etc. Here’s an example with Python:

Best Ip Blocker For Mac

SurfaceBrowser Total IP Blocks

If you want to take another step forward with access to the full IP blocks of any company, SurfaceBrowser™ is the perfect tool for your IP scanner tasks.

Let’s see how you can get the full IP address space of any organization within seconds.

As shown, you’ll get the total IP blocks for facebook.com in a single place. This includes a few summaries that reveal information ordered by the regional registrar.

Beethink Ip Blocker For Mac


In this case, the RR includes records from: ARIN (105), AT&T Bell Laboratories (50), RIPE NCC (35), PSINet (25), APNIC (18), AFRINIC (2).

You’ll also be able to get the full IP stats by IP subnet size, as well as the full information for each IP block, including IP count, unique user agents, RIR, hostnames and number of associated domains.

Ip Blocker For Mac Os X

Once you’ve finished locating all the IP blocks you need, you can explore any of the blocks by clicking the IP and its subnet, where you’ll find details such as IP count, bitmask, base IP, broadcast IP, mask, host mask, service provider like ASN, organization and company behind this network.


Clearly, there are a lot of IP scanner tools from which you can choose. Managing a large IP space can be quite complex if you’re not relying on any of them.

If you’re part of the infosec community, an IP scanner toolkit could be your best asset for automating your OSINT and intel-reconnaissance tasks.

Take safety and security to the next level: automate all your IP address exploration by using our powerful API. Sign up today for a free API account or book a demo with our sales team to test SurfaceBrowser™, our enterprise-grade product that will reveal the entire attack surface area of your company, including all of its IP address space.

¹ https://angryip.org/download/#linux² https://www.advanced-ip-scanner.com³ https://www.cisco.com/c/en/us/td/docs/routers/crs/software/ip-addresses/command/reference/b-ip-addresses-cr-crs/b-ipaddr-cr-crs_chapter_010.pdf

Esteban is a seasoned security researcher and cybersecurity specialist with over 15 years of experience. Since joining SecurityTrails in 2017 he’s been our go-to for technical server security and source intelligence info.

Get the best cybersec research, news, tools,
and interviews with industry leaders