Re: DHCP issues Subnet IP to computer on another domain

From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 12/11/04

  • Next message: Roger Abell: "Re: Difference in authentication between using IP address and DNS name"
    Date: Sat, 11 Dec 2004 09:14:15 -0700
    
    

    The machine has to be inside the perimeter, that is, within the
    set of subnets to which the DHCP DORA broadcast messages
    are allowed to route. If everything is now behind your ISA
    then the machine is also.

    -- 
    Roger Abell
    Microsoft MVP (Windows  Security)
    MCSE (W2k3,W2k,Nt4)  MCDBA
    "Bill" <Bill@discussions.microsoft.com> wrote in message
    news:299106A9-423D-49FE-9526-5189F19E9065@microsoft.com...
    > For the past year our firewall has been managed by a third party, our ISP.
    > About 2 weeks ago, I looked at the DHCP clients that were being issued IP
    > addresses and noticed for a computer that is not on our domain and was in
    > fact on another domain.  I deleted it and the next day found that the
    lease
    > had been renewed.  Over the weekend I disconnected the third party
    firewall
    > and installed an ISA 2004 Server and deleted the computer from the the
    scope.
    >   It has again renewed it's lease.  We have several users that use RDP to
    > access our terminal server and we have an Exchange 2003 server with POP3.
    I
    > have checked and none of our users are logging in from a computer with
    this
    > particular name or from that domain.  Have we been HACKED or is there
    another
    > explanation?
    > -- 
    > Many thanks,
    >
    > Bill
    

  • Next message: Roger Abell: "Re: Difference in authentication between using IP address and DNS name"