Re: Blocking Access to Non-domain computers

From: Peter Wohlers (pedro_at_whack.org)
Date: 08/25/04

  • Next message: Oliver Leitner: "searching for a gnu/linux based SUS replacement" 
    Date: Tue, 24 Aug 2004 22:10:31 -0700
To: security-basics@securityfocus.com

    Andreas wrote:

    > Hello,
    >
    > On Thursday 19 August 2004 16:58, Brian Gehrke wrote:
    >
    >>I am running a W2K domain, using DHCP. Is it possible to block
    >>non-domain computers from getting an IP address from the DHCP server, so
    >>they will not be able to access the Internet through the network.
    >

    Start looking at 802.1x

    Although you usually hear of it's implementation in wireless networks,
    that just happens to be it's most dire use. It can authenticate wired
    ethernet dhcp access as well. Here's a link to someone's page on how to
    implement it:
    http://www.cs.umd.edu/~mvanopst/8021x/howto/server.html

    --Peter Wohlers

    ---------------------------------------------------------------------------
    Computer Forensics Training at the InfoSec Institute. All of our class sizes
    are guaranteed to be 12 students or less to facilitate one-on-one
    interaction with one of our expert instructors. Gain the in-demand skills of
    a certified computer examiner, learn to recover trace data left behind by
    fraud, theft, and cybercrime perpetrators. Discover the source of computer
    crime and abuse so that it never happens again.

    http://www.infosecinstitute.com/courses/computer_forensics_training.html
    ----------------------------------------------------------------------------

  • Next message: Oliver Leitner: "searching for a gnu/linux based SUS replacement"

    Relevant Pages

    • Re: SuSE home network
      ... > 2000) connected to a cable modem. ... > up to four internet connections via dhcp. ... >From your ISP's network or from your own internal network? ...
      (alt.os.linux.suse)
    • RE: [Full-Disclosure] Calcuating Loss
      ... The Internet is just that, ... Each network is owned by someone. ... > What we need is something that you have to log into or your DHCP is revoked immediately. ... > So again it is anonymity that causes most of the grief. ...
      (Full-Disclosure)
    • RE: [Full-Disclosure] Calcuating Loss
      ... The Internet is just that, ... Each network is owned by someone. ... > What we need is something that you have to log into or your DHCP is revoked immediately. ... > So again it is anonymity that causes most of the grief. ...
      (Full-Disclosure)
    • Re: Multiple IP Schemes for Different Buildings
      ... The linksys on your first network stays as it is, ... DHCP broadcast is on the local subnet only, ... router to forward internet traffic to your firewall. ... If each server has it's own DHCP server then I don't need to worry ...
      (microsoft.public.windows.server.general)
    • Re: Key words or phrases
      ... the wireless connects via dhcp. ... DHCP Server) for the Network Card with network address xxxxxxxxxxxx. ... "Kevin Nelson" wrote in message ... > cable access to the internet, all have latest updates and service packs ...
      (microsoft.public.win2000.general)