RE: Filtering DHCP Assignments by MAC Address

From: Hardee, Chris (CHardee_at_ESNCC.com)
Date: 06/20/03

  • Next message: Levinson, Karl: "RE: Windows Event Logs" 
    Date: Fri, 20 Jun 2003 10:52:54 -0400
To: <FOCUS-MS@SECURITYFOCUS.COM>

    Having dealt with this problem with several clients, there is no easy answer. What I have suggested is to limit the DHCP scope to only pass out reservations to known MAC addresses (i.e., create a reservation for an individual MAC address) and reserve / exclude all addresses in your scope. If you have a small network, this is a fine solution, but if it is a large system, it will take a massive amount of legwork on your sysadmins. I don't know of any other 3rd party products that may do it. The only caveat to this is if they know your IP addressing scheme, they can always plug it in by hand. Hope this helps some.
    c

    "I don't care where they come down. That's not my department."
    - Wernher von Braun

    -----Original Message-----
    From: Jake Frost [mailto:jakefr0st@hotmail.com]
    Sent: Thursday, June 19, 2003 5:51 PM
    To: FOCUS-MS@SECURITYFOCUS.COM
    Subject: Filtering DHCP Assignments by MAC Address

    We have just converted to DHCP and would like to limit the ability of people
    to plug in to the network without authorization. In Win2K is it possible to
    limit DHCP assignments by MAC address or some other mechanism to keep rogue
    machines out? My server admins have been researching this but can't find a
    method to achieve what we want. Thanks.

    Jake

    _________________________________________________________________
    MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.
    http://join.msn.com/?page=features/virus

    -----------------------------------------------------------------------------
    ------------------------------------------------------------------------------

    -----------------------------------------------------------------------------
    ------------------------------------------------------------------------------

  • Next message: Levinson, Karl: "RE: Windows Event Logs"

    Relevant Pages

    • RE: Filtering DHCP Assignments by MAC Address
      ... By assigning by MAC address you've just transferred your problem of keeping ... Filtering DHCP Assignments by MAC Address ... > limit DHCP assignments by MAC address or some other mechanism ...
      (Focus-Microsoft)
    • RE: Filtering DHCP Assignments by MAC Address
      ... Lock each port on the switch to its corresponding MAC ... Filtering DHCP Assignments by MAC Address ... to plug in to the network without authorization. ...
      (Focus-Microsoft)
    • RE: Filtering DHCP Assignments by MAC Address
      ... Filtering DHCP Assignments by MAC Address ... > to plug in to the network without authorization. ... > limit DHCP assignments by MAC address or some other mechanism ...
      (Focus-Microsoft)
    • RE: Filtering DHCP Assignments by MAC Address
      ... You can filter out MACs, ... tedious to compile a listing of all valid MAC addresses. ... network is quite a bit of overhead. ... Filtering DHCP Assignments by MAC Address ...
      (Focus-Microsoft)
    • RE: Filtering DHCP Assignments by MAC Address
      ... With Windows you can assign dhcp to a mac but it does not always work ... Filtering DHCP Assignments by MAC Address ... limit DHCP assignments by MAC address or some other mechanism to keep ...
      (Focus-Microsoft)