RE: Filtering DHCP Assignments by MAC Address

From: Jimmy Sansi (jsansi_at_ritzfoodservice.com)
Date: 06/20/03

  • Next message: Cushing, David: "RE: Filtering DHCP Assignments by MAC Address" 
    Date: Fri, 20 Jun 2003 08:20:14 -0700
To: "'Jake Frost'" <jakefr0st@hotmail.com>, <FOCUS-MS@SECURITYFOCUS.COM>

    You can filter out MACs, however that would be rather
    tedious to compile a listing of all valid MAC addresses.
    Any switch worth its salt can "lock down" a port based
    on a MAC. However keeping this up to date on a large
    network is quite a bit of overhead.

    My suggestion would be to incorporate some sort of password
    validation and/or a VPN(which would provide validation)
    depending on how available the network is(ie: wireless) as
    well to protect against unathorized users from sniffing the
    network segment and then spoofing their MAC address.

    -Jimmy

    -----Original Message-----
    From: Jake Frost [mailto:jakefr0st@hotmail.com]
    Sent: Friday, June 20, 2003 7:16 AM
    To: FOCUS-MS@SECURITYFOCUS.COM
    Subject: Filtering DHCP Assignments by MAC Address

    We have just converted to DHCP and would like to limit the ability of people
    to plug in to the network without authorization. In Win2K is it possible to
    limit DHCP assignments by MAC address or some other mechanism to keep rogue
    machines out? My server admins have been researching this but can't find a
    method to achieve what we want. Thanks.

    Jake

    _________________________________________________________________
    MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.
    http://join.msn.com/?page=features/virus

    ----------------------------------------------------------------------------
    -
    ---------------------------------------------------------------------------- 

    --
-----------------------------------------------------------------------------
------------------------------------------------------------------------------
  • Next message: Cushing, David: "RE: Filtering DHCP Assignments by MAC Address"

    Relevant Pages

    • TidBITS#794/29-Aug-05
      ... This week's issue brings a potpourri of Mac news, ... Mark Anbinder looks briefly at Google Talk, ... Adding Tiger's AirPort Preferred Network List ...
      (comp.sys.mac.digest)
    • Apples new software may steal the show
      ... Steve Jobs, Apple Computer's co-founder and performer in chief, rarely shows any reluctance to sell -- or even over-sell -- his company's accomplishments. ... Jobs spent only about five minutes talking about what I see as the big news of the day: Apple's first software for using a home network through a television screen rather than a computer monitor. ... Apple's Mac OS X, the software running all its Macintosh computers, also has built-in features for easily connecting Macs in a network. ...
      (comp.sys.mac.advocacy)
    • Re: About War Driving ..
      ... However, MAC filtering does not qualify as defense in depth, ... because the attacker can spoof a valid IP address. ... broadcasting the SSID doesn't hide a network, but just makes it show up ... machines in your building that you can control and check the MAC ...
      (Security-Basics)
    • Re: Wired security improvements
      ... I have a lot of experience with 802.1x in a wireless environment and it ... option than MAC Authentication via RADIUS as far as security is concerned, ... it can only provide a weak form of network authentication. ...
      (Security-Basics)
    • Re: OK first real Mac Complaint - Network Trouble
      ... changing the channel on my router has cleared up wireless issues on my ... have to reset it when the connection dies. ... to suck up a large amount of network bandwidth to do unnecessary screen ... It should at least help to identify what the Mac ...
      (comp.sys.mac.misc)