RE: [Maybe Spam] Dhcp security
From: Phil Waller (phil.waller_at_wgsn.com)
Date: 01/21/05
- Previous message: Andrew Rice: "Re: IIS6 on W2k3 DCs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Paul Aviles <paviles@adjoined.com>, focus-ms@securityfocus.com Date: Fri, 21 Jan 2005 08:35:43 -0000
Implement rigorous physical and perimeter security for your network and be
vigilant in maintaining such security.
Upgrade any lingering Windows NT domains so you can make use of the DHCP
server authorization feature of Active Directory.
Avoid using Windows 2000 or Windows Server 2003 domain controllers as DHCP
servers.
Use reservations for assigning addresses of critical servers on your
network, or use static addresses for them instead.
Rigorous physical security i.e. no unsecured wall jacks, locked doors, staff
trained to recognize social engineering attempts, and so on.
-----Original Message-----
From: Paul Aviles [mailto:paviles@adjoined.com]
Sent: 19 January 2005 22:30
To: focus-ms@securityfocus.com
Subject: [Maybe Spam] Dhcp security
I have a weird question maybe. Is there a way to prevent our DHCP from
giving leases to computers not in our domain? I don't want anyone that
walks in to just connect and have the possibility of a network viruses
getting loose. Is this possible?
My setup is a typical AD 2K environment, simple domain no empty root.
Thanks
Paul
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Andrew Rice: "Re: IIS6 on W2k3 DCs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
