114

We have a crowded computer laboratory. We render free Ethernet ports for laptop users. But they don't carry their Ethernet cables with them, they unplug cable of a fixed desktop PC and plug it to their laptop. When their work is finished, they don't even plug it back to the PC. Worse than that, after a lot of plugging/unplugging, physical damage occurs on the Ethernet ports of the fixed PCs. At the moment, we have three computers whose Ethernet ports are damaged because of this.

How do I prevent people unplugging the Ethernet cables of the fixed machines?

cpast
  • 2,513
hkBattousai
  • 3,219
  • 16
  • 46
  • 62

19 Answers19

91

I think this might help you http://www.rjlockdown.com/patchcordpage.html

enter image description here

I was looking in buying something like this a while a go, but I never did, but it seems to be what you are looking for

Macke
  • 1,253
ralz
  • 2,566
79

If you are looking for a cheap and easy way to do this, just use zip ties. You can put one near the end of the ethernet cable, one somewhere on the back of the fixed PC (like to an open vent or empty card slot), and use another to connect the two. It wouldn't keep the cables from being unplugged, but it would prevent people from moving the cable more than a few inches from the PC, rendering it useless to use on their laptop.

zip ties holding ethernet cable in place

techturtle
  • 9,376
60

Don't fight; be polite.

Instead of fighting people who want to use the internet, make it easier for them to use the internet without interfering with the desktop systems in any way.

The first step to keeping people from doing things you don't want them to do is to ask them nicely.

  1. Put a sign on the back of desktop systems asking people in need of ethernet cables to request one from the lab attendant. you can still ziptie the cables to the desktop, but that won't stop anyone with a penknife or pair of scissors.
  2. Get some cable. I recommend buying a large spool of ethernet cable, a set of crimpers, and some plugs. I recommend this over buying pre-made cables as it tends to be much cheaper, and you'd be able to make cables in whatever size you need. Most people shouldn't need more than a few feet of cable if the ports are close to desks. If people steal their cable, it'd be much cheaper to replace. Instructions on how to crimp an ethernet cable can be found all over the internet. It's remarkably easy to do.
  3. Attach a sticker to each cable that asks the borrower to return the cable to the attendant when they're finished.
  4. Give cables to people freely when requested. This is the most important part. They need a cable. If you meet their needs, they'll no longer have a reason to steal cables from other machines. You could set up a bartering system where they give you something (like a shoe, bag, or ID) and they get it back when they return their cable. I don't like this solution as it makes it easy for the lab attendant to get in trouble when someone's stuff gets stolen if they happen to go to the bathroom.
  5. Ask people to donate spare cables to support the lab. If you're giving away free cables, I'm sure there are others who have some lying around from their old router or computer.
zzzzBov
  • 319
  • 3
  • 14
59

Cable ties are a great idea, but they can be easily cut with scissors or a knife.

An alternative I have used in the past is to trim the release tab back to the point where the cable will still latch into the RJ45 port, but the tab is not accessible to release the cable. This then requires a tool to release the tab because its recessed.

Cut at the red line (approximate). You may have to adjust cut location to suit your needs.

enter image description here

horatio
  • 3,719
CharlieRB
  • 23,021
  • 6
  • 60
  • 107
50
  1. Provide more dedicated for-laptop cables;
  2. Integrate system units somehow to make cabling inaccessible.

I think with enough cables + Wi-Fi users should not need unplugging Ethernets from PC.

Vi.
  • 17,755
25

I don't envy you your user base, but still, look at it from their perspective: To use their computer lab, they have to carry a cable on top of all the other junk they need to get through their day. So, they borrow a cable from a PC and often forget to plug it back in-- or maybe they leave it free as a courtesy to the next user. The ones who took the free cables home have no excuse, of course, but they were doubtless a minority.

So, what to do? Instead of going to war with your users, solve their problem and they'll have no reason to mess with your equipment.

  1. Wifi. It's 2013, dude. If I was forced to use a cable I might get uncooperative too. If access by people from outside the lab is an issue, lock it and post the password on the wall.

  2. If wifi is really out of the question, provide new ethernet cables and lock them to the wall. If there's nothing to attach a zip tie to, bolt something to the wall.

alexis
  • 522
22

There are cables with built in locks.

Check out LockPORT. They make secure cables that require a special tool to be removed.

enter image description here

nixda
  • 27,634
BroScience
  • 1,823
7

A large number of physical solutions have already been provided, so I would like to give a software one that can, of course, also be used in addition physical measures.

Put some kind of port security up (preferably 802.1X) - while MAC whitelists can be relatively easily circumvented, I'd like to see someone circumvent 802.1X without physically disassembling your lab machines.

Also put up a sign explaining that removing the cables is now only good to make The Sysadmin angry, and that they won't like him when he's angry. (Public display of a LART is highly recommended.)

If you have BOFH inclinations: Make the cables work even for unauthenticated users, but assign them a special IP range. Log access to any authenticated services from said IP range, and lock the user accounts. This way, they'll come to you to pick up their punishment, and you don't need to constantly watch the logs and immediately sprint to the correct location for catching the person (you still may want to do that for the added "all-seeing admin" effect). Or just redirect everything to a login form, and connect it to a "lock account on correct login" script. You will be amazed how many users are dumb enough to try. (Originally, I wanted to suggest simply blacklisting their MAC so their laptop doesn't work anywhere on the network, but since MACs can be faked so easily, this could both be easily circumvented and lead to nasty pranks.)

If you are nice and want to provide cable-based access: Do what my university did, add a second NIC, add a 1.5m network cable to it, and route/bridge/whatever it to the network. (All cables behind the PC go through a giant zip-tie to make stealing cables, mice etc. harder.) In my university, the users have to log in on the PC and activate said cable there, making sure only authenticated users can use it and all access can be attributed to a user. Unplugging the "uplink" cable from the PC and accessing it directly is prevented by 802.1X, as far as I know.

Jan Schejbal
  • 1,132
3

Use a cable-tie and somehow secure the cable to the case, possibly through an empty PCI slot, or some other hole in the case. Place the cable tie as close to the end that clips into the PC as possible. Then wrap tape around the other side of the cable right next to the cable tie so that it can't slide through the cable tie. Combine that with having a few cables available for people to use with their laptop as @Vi. recommended and you'd probably stop a lot of this stuff.

Kibbee
  • 1,450
3

Change the fixed PCs to use WIFI, which will

  • Render them unable to be unplugged from the network, since there's nothing to unplug.
  • Free up those three cables for laptops.
Mark Allen
  • 2,880
3

You appear to be solving the wrong problem. Your problem is that you are not providing an appropriate method for your customers to connect to their network.

Offer WiFi, offer additional patched ports and put cat-5 cables in the vending machine.

Andrew H
  • 101
2

Have you considered providing cords hard-wired into the wall (or at least secured to the outlet by any of the methods suggested above), instead of ports, for the "free ports" you provide for laptop use? Then they won't have a problem if they didn't bring a cable.

Since part of your problem seems to be people yanking the cords out rather than correctly detaching them, any solution involving securing the cords to the computers will just make them yank harder.

Random832
  • 641
2

Students who have forgotten to bring cables should be able to borrow them from some lab attendant or IT desk for a cash deposit which is high enough that if the cable isn't returned, it can be regarded as a profitable sale.

To detect that a cable is being wrongfully unplugged from a PC (or that a PC has shut down or crashed), you can give the PC's static addresses and have a little daemon program ping all of them periodically and generate an alert e-mail.

Kaz
  • 2,800
  • 1
  • 20
  • 24
1

one thing not mentioned yet that I've seen used: superglue.
yes, some IT departments use that to prevent people opening or unplugging computers.

jwenting
  • 146
  • 4
1

On top of the zip ties solution, that is actual brilliant simple, i would suggest to block internet access trough the cables reserved to the pc's MAC address. Most routers support this function. (You will either need a separate router for the desktop pc's, or one that support blocking access per port.)

Next, you place the router out of reach so the users can't move the cable to another port/router.

Actually, i would suggest you place all ports out of users reach, and only let a few meter of cable come out of the wall, that way they can't even forget or steal a cables and take it home.

Also, you can offer wifi beside cabled access. This would take some tress off the cables, while at the same time the cables take away some stress from the wifi as you wont need 40 people in a small are on wifi. Users that need high speed will still find a cable, but for most uses wifi will be more then enough.

Dorus
  • 149
1

Have a spare Ethernet cable plugged glued in to every wall socket. If they don't need to take a cable, they won't cause any damage.

Hand-E-Food
  • 4,961
0

Have the switch disable access to the ethernet port upon connection loss. Then kick whomever made you come reconfigure the switch in the ass.

Alternatively block specific mac addresses for the ports designated to the provided machines.

Both of these require a managed switch.

Colton
  • 1,163
0

Fashion a sheet-metal cover for the port area, with a slot to allow the cable to pass.

Daniel R Hicks
  • 6,261
0

After Looking at the RJ Lockdown device, it looks like a great and cheap option. If you decide to offer spare patch cables, you might want to try the Mono Price website Their prices are so cheap I suspect there would be no point to buying a roll of cable and building them. Also it boils down to two things Making the internet access harder to get when it comes to people using your cables that are already in use and also making it easier by offering guest wifi. If is easier and more convenient, people will most likely go with it.

Netgear offers a line of routers that offer both internal LAN access to the WAN and also a Guest Wi-Fi which you can even setup to have each wireless device to be isolated from the next thus making it more secure for the guests. Now if you placed a sign informing your guest of these changes and security enhancements, that should convince them to use the guest wifi.

An example of the router I was referring to would be the WNDR3700 or higher like WNDR4000, just Google the term "Netgear WNDR3700" or go to the Netgear site to have a look and I think you will find this will make you life a lot easier.I have placed a link to the Netgear site in my response for your convenience Netgear website

Good luck

Frank R
  • 306