Noob help monitoring network for MAC being sent out
We were made aware the developer of some software we use uses a "call home" feature and they like to use it as a tactic to enter businesses and examine workstations for recorded MAC addresses. I am not OK with this invasion and looking to block any suspect network activity.
From what we have gathered so far, there has been activity on port 80 going to the C drive location of the software. That has been blocked but something tells me that is just "low hanging fruit" and there is probably more cryptic efforts on the network. Hoping I am wrong, but.......
In every case we can find, if they find a reason to visit, they will find a reason to charge a fee for "something". I want them locked out of our network.
Because the MAC address seems to be popular, I would like to examine ways to filter the network activity for this. However, any other thoughts or suggestions would be appreciated.
You guys do great work! I am NOT an IT specialist but I will work diligently on understanding this!
