Re: Prevent stealing IP numbers

From: Al Dykes (adykes_at_panix.com)
Date: 02/27/04 

Date: 27 Feb 2004 09:36:50 -0500

In article <a3036$403f3fbd$d549d066$16611@news.multikabel.nl>,
Benno <big_cpu@NO.SPAM.hotmail.com> wrote:
>
>"Andreas Wilm" <wilm@biophys.uni-duesseldorf.de> wrote in message
>news:c1nder$1nk$1@news1.rz.uni-duesseldorf.de...
>> Hi,
>>
>> > We're looking for a solution for preventing ip stealing. Students in our
>> > department usually connect their laptops and use one ip number... you
>> > can just imagine the conflicts we have...
>>
>> Just an idea:
>> In case you have a 'static' number of students, get the MAC addresses of
>> their NICs and assign one ip per MAC using DHCP.
>
>That still doesn't prevent setting de IP number by hand and creating IP
>conflicts.
>
>Benno
>
>

You could have a NIC on a server ifconfig'd to "own" all the
unassigned IP numbers, at least for class C blocks. I don't know what
the practical limit is for assigning multiple IPs to a NIC.

SysAdmin magazine (http://www.samag.com/ ) had an article a couple fo
months ago that described how a site used MAC addresses in a table on
the DHCP server to enforce IP numbers on machines. If someone brought
a laptop into the site it wouldn't work uniti the administrator had
updated the dhcp server. The article showed a nice web/database
application to keep records easier.

Now. This doesn't stop someone from shutting a PC down and borowwing
it's IP address. I suppose you couple write a small daemon that
monitored the ARP table and raise alarms if a MAC/IP pair doesn't
match the DHCP server table. This is after-the-fact, 

-- 
Al Dykes
-----------
adykes@panix.com

Relevant Pages

  • Re: Cannot Ping Beyond Default Gateway & DHCP Server
    ... That computer has two ethernet NICs: one from Intel, and one from Linksys. ... He says he has never had to change a MAC nor tell the home office to change one. ... My assumption now is that this MAC control is occurring in the cable modem, and that clearing it with power off causes it to loose its previously-stored value. ... Network Diagnostics shows pings to his IP, Default Gateway, and DHCP Server work, but pings to DNS servers fail. ...
    (microsoft.public.windowsxp.network_web)
  • Re: mac address issue
    ... mac address that was different in some way that just resulted in the DHCP ... Sounds like the client is sent our a DHCP request, ... your DHCP server is replying with an offer, but the client is sending back ... Modeled after the famous Black Hat event ...
    (Security-Basics)
  • Re: Mac 10.4 OS on G5
    ... I called into the SBS Team Support yesterday because I was getting bombared ... changed before the Mac problem begin. ... the dual NICs on the server from teaming as Load Balance to Fault Tolerance ...
    (microsoft.public.windows.server.sbs)
  • Re: Network Security
    ... >>I've been tasked to protect out network from unwanted clients ... > configure the DHCP server to only give out addresses to specific MAC ... > that says no visiting computers. ... >>not 'known' to us then we can stop it getting an IP from the DHCP server? ...
    (linux.redhat)
  • Re: Buffalo router disupts internet connection on lease renewal
    ... Using MAC addresses from guaranteed incompatible hardware (or obsolete ... my best guess is that it's something on the Cox DHCP server ... DHCP client might be looking for a server that is offline or dropped ...
    (alt.internet.wireless)