the base station allows restriction by MAC address. I don't know if it would do this through the LAN port too, but it's worth a shot. Get a couple machines' MAC addresses; allow one, disallow (by it being absent from the 'white list') the other. Connect disallowed machine to LAN port. See what happens.
but if this guy is desparate, what prevents him from disconnecting the base station and hooking the access into his computer, bypassing the station's LAN port altogether?