Re: DHCP through RAS
jamesworld_at_intelligencia.com
Date: 03/03/04
- Previous message: Poole, Gary: "Windows file move restriction"
- In reply to: Jason Humes: "DHCP through RAS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 02 Mar 2004 20:25:18 -0600 To: Jason Humes <jhumes@acs.on.ca>
That means that the machine dialing in has a modem and it's
configured. Your RAS identifies it as an interface that needs an IP
address so it assigns one to it. It detects it's a RAS (modem) interface
so it gives that type. Usually harmless, but it's a consideration when
allocating DHCP pools.
Try it yourself. Use a Win NT, 2K or XP box with a modem on it. Configure
the modem with Remote access and have the service enabled. Plug in and get
an IP address via DHCP. Look at the leases for your machine and notice the
two IP's and the interface types. And you are not using your modem as an
ICS or anything else.
Yes the possibility is there. If you are running AD, create a script or GP
to restrict it. (Shut down the RRAS service)
-James
At 15:31 03/01/2004, Jason Humes wrote:
>Hi
>We provide access-controlled internet in a public area through the use of an
>access-controller. Usernames for authentication to the AC are given out
>manually and IPs are distributed via W2K DHCP Server. The problem is that
>we don't want users installing access-points or other access mechanisms onto
>the network and doing some second level sharing of the internet feed. I
>mean, if I look at the DHCP server leases, most of the leases are plain old
>PCs, but there are a couple that show up as RAS under the "unique ID" field
>and the "Name" field matches that of another...this means that the person
>showing up as RAS is connecting THROUGH the matched Name...correct? Is
>there any way in W2K DHCP to stop this? The access-controller works by
>source IP address, and the IP would be the same for both PCs and therefore
>allowed through to the internet. Thanks
>
>Jason D. Humes
>
>
>
>**********************************************************************
>
>Confidentiality Notice:
>
>The information contained in this e-mail and any attachments may be legally
>privileged and confidential. If you are not an intended recipient, you are
>hereby notified that any dissemination, distribution or copying of this
>e-mail and any attachments is strictly prohibited. If you received this
>e-mail in error, please notify the sender and permanently delete the e-mail
>and any attachments immediately. You should not retain, copy or use this
>e-mail or any attachment for any purpose, nor disclose all or any part of
>the contents to any other person.
>
>Thank you.
>
>
>---------------------------------------------------------------------------
>Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
>wireless security
>
>Protect your network against hackers, viruses, spam and other risks with
>Astaro Security Linux, the comprehensive security solution that combines six
>applications in one software solution for ease of use and lower total cost
>of ownership.
>
>Download your free trial at
>http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
>---------------------------------------------------------------------------
---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security
Protect your network against hackers, viruses, spam and other risks with
Astaro Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost
of ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
---------------------------------------------------------------------------
- Previous message: Poole, Gary: "Windows file move restriction"
- In reply to: Jason Humes: "DHCP through RAS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
