Will extend this for one more day if OP Agrees
1) as per my question the user has called up a help desk. Someone calls a help desk only when the person is unable to access a computer or service and was able to do that before.
2) If the user access to the host computer had been restricted then the help desk would have informed the user that the user has been restricted to access that computer. But instead the help desk is trying to help out the user. Mind it the help desk is belonging to the same subnet so it better knows which users has what access.
3) you point is correct that ICMP packets can be dropped based on the IP address. But you know very well that IP address verification is done in the third layer of the network that is the network layer. The devices that works in the network layer are routers, L3 switches and the computer configured with firewalls,NATing and routing. But my dear frnd the computers are belonging to a subnet. Here it is no point in doing such IP verifications. You can set logic to L2 swithches,rather, for the purpose. But in that case it is not IP, it is MAC address..nd my 1st point clearly indicates that the user is noway restricted by host computer..
What is the answer?
explaination:- the "arp" command supports the ARP service of the TCP/IP protocol suite. It enables an administration to view the ARP cache and add or delete cache entries. Any added entry becomes permanent until it is deleted or the machine is shut down.
c:/>arp -a interface: 192.168.1.200 ---- 0X2 Internet address Physical Address Type 192.168.1.25 00-aa-00-62-c5-09 static 192.168.1.50 00-60-08-cd-34-54 dyanamic 192.168.1.51 00-60-08-cd-34-52 dyanamic
(note:- reply me if anyone has any sort of confusion. I know the question is very tricky and only network experts are expected to ans)