I don’t believe that’s possible – protecting it.
HOWEVER – To make use of your MAC address, the impersonator must be on the same (relatively) local subnet you are. My Comcast setup uses a subnet mask of 255.255.255.252, which translates to approximately 1020 possible systems – of which an impersonator could be one.
I’ll be very interested in seeing what other suggestions are out there myself.
I beleive that Bob meant to say that his ISP uses a subnet of 255.255.252.0 as a subnet of 255.255.255.252 would only allow for 2 hosts on the subnet. (My ISP AT&T uVerse has the same subnet mask.)