Re: Security of IP addresses assgined by DHCP

From: Eric Chamberlain (eric_james_chamberlain@hotmail.com)
Date: 03/07/03

• Next message: Raye Schwartz: "128-bit security not recognized by a website"
• Previous message: Joe: "NTFS permissions on Windows 2000"
• In reply to: Jim: "Security of IP addresses assgined by DHCP"
• Next in thread: Stuart Mackie: "Re: Security of IP addresses assgined by DHCP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Eric Chamberlain" <eric_james_chamberlain@hotmail.com>
Date: Thu, 6 Mar 2003 19:00:01 -0800

Look for network devices that support 802.1x. DHCP is not designed to
provide any security. The user could also guess at an available IP address
or sniff the network and figure out what IP address to use. 802.1x allows
the network devices to block the network traffic at the switch port or
wireless AP, if the connected device fails to authenticate.

"Jim" <jim.garrett@lifeway.com> wrote in message
news:03a801c2e3f4$3b5e33f0$3001280a@phx.gbl...
> We have been wrestling with the issue of the use of DHCP
> and the ability for any outside system once inside the
> building and configured for DHCP being able to connect to
> our network. We are examing policy concerning wireless
> access, yet for any contractor/vendor allowed in the
> building they can connect any non-corporate approved
> device to the network and receive access via DHCP.
>
> Are their any DHCP configurations/software available that
> would allow for some kind of "inspection" of the device
> requesting an IP address from a DHCP server, and determine
> if indeed this device is "approved" to receive an IP
> address? I'm aware of techniques to utilize MAC addresses,
> but this seems to potentially be an administration
> nightmare.
>
> Thanks
>
> Jim

• Next message: Raye Schwartz: "128-bit security not recognized by a website"
• Previous message: Joe: "NTFS permissions on Windows 2000"
• In reply to: Jim: "Security of IP addresses assgined by DHCP"
• Next in thread: Stuart Mackie: "Re: Security of IP addresses assgined by DHCP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: networking private and public hosts questions ... some systmes in storage to create a test network. ... a WS to the child and attempted to pull an IP from the DHCP server, ... (microsoft.public.win2000.networking) Re: A little FYI ... > fix for a different problem or end up making the same configuration ... Maybe faulty network equipment, ... > to look at what might interfere with DHCP. ... you were not here as I was trying to get the card to stay ... (comp.security.firewalls) Re: Preventing DHCP from allocating IPs ... Each segment is physically separate with a Linux ... unknown MAC addresses firstly don't get a DHCP ... >> wants access to your network, they will have to come to you to obtain ... (Security-Basics) Cable Connectivity ... address for the Network Card with network address 00402B2F688C. ... The DHCP Client service on your computer did not receive a response ... If connection with the network is not established using this APIP ... the DHCP Client service will try to contact the DHCP server ... (microsoft.public.windowsxp.general) Re: Exchange not loading properly, since updates? ... No other DHCP services running on the network. ... >> here is the changelog text, ... >> Old Subnet Mask: 255.255.255.0 ... (microsoft.public.windows.server.sbs)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint