RE: Filtering DHCP Assignments by MAC Address
From: Scheinberg, Adam (ascheinberg_at_masseyservices.com)
Date: 06/20/03
- Previous message: Dennis Bauer: "RE: Filtering DHCP Assignments by MAC Address"
- Maybe in reply to: Jake Frost: "Filtering DHCP Assignments by MAC Address"
- Next in thread: Laura A. Robinson: "RE: Filtering DHCP Assignments by MAC Address"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 20 Jun 2003 14:41:05 -0400 To: "Jake Frost" <jakefr0st@hotmail.com>, <FOCUS-MS@SECURITYFOCUS.COM>
Setting up reservations for each MAC address on your network is a
tedious and error-prone process. My recommendation is to invest in a
decent switch. Lock each port on the switch to its corresponding MAC
address. This will also prevent people from moving their computers
around the office without IT awareness. To complement this, disable all
unused ports on the switch, leaving all unused LAN drops dead. Be
prepared for user adjustment - until it's part of the culture, people
will do things like spontaneously decide they want to "move their
computer near the sun" or some such whim.
Train your techs to know that when swapping out computers or NICs they
need to have the port temporarily unlocked. MAC management is built
into most switches these days, and it's probably best it stays there.
-- Adam Scheinberg IT Systems Manager Massey Services, Inc. (407) 645-2500 x160 http://www.masseyservices.com -----Original Message----- From: Jake Frost [mailto:jakefr0st@hotmail.com] Sent: Thursday, June 19, 2003 5:51 PM To: FOCUS-MS@SECURITYFOCUS.COM Subject: Filtering DHCP Assignments by MAC Address We have just converted to DHCP and would like to limit the ability of people to plug in to the network without authorization. In Win2K is it possible to limit DHCP assignments by MAC address or some other mechanism to keep rogue machines out? My server admins have been researching this but can't find a method to achieve what we want. Thanks. Jake _________________________________________________________________ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus ------------------------------------------------------------------------ ----- ------------------------------------------------------------------------ ------ ----------------------------------------------------------------------------- ------------------------------------------------------------------------------
- Previous message: Dennis Bauer: "RE: Filtering DHCP Assignments by MAC Address"
- Maybe in reply to: Jake Frost: "Filtering DHCP Assignments by MAC Address"
- Next in thread: Laura A. Robinson: "RE: Filtering DHCP Assignments by MAC Address"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
