Security Basics mailing list archives
Re: DHCP
From: Shreyas Zare <shreyas () technitium com>
Date: Sat, 23 May 2009 00:41:03 +0530
Hi, Well, there are lot of options to get pass security since the user has got physical access to machine. Example, a user may boot his laptop on live CD and get access to network. So IMHO, using DHCP as access control is bad design. Regards, On Sat, May 23, 2009 at 12:30 AM, David Vo <dtvo2005 () gmail com> wrote:
Not entirely true. You can set policy so that user cannot change his/her network settings. David T. Vo, CISSP On Fri, May 22, 2009 at 11:51 AM, Shreyas Zare <shreyas () technitium com> wrote:Hi, Anyone can set manual IP on his machine even when you got DHCP configured on network. So, trying to do access control using DHCP is useless. DHCP is just to make configuring IP on clients automatic. Regards, On Fri, May 22, 2009 at 8:08 PM, Doug McFarland <djm () yantarni com gt> wrote:Hi all, I am looking for a way to block any PC that plugs into my network that is not authorized to access any network resources-servers, firewalls, etc. Is there a way in DHCP that I can add reservations just for the PCs that I want to allow the network resources and any other pc/laptop that happens to be plugged into the network either doesn't get an IP address, gets a dummy IP address, or something else? I've heard Windows Server 2008 can do this, but I'm not sure about 2003. Any suggestions would be greatly appreciated. Best regards, djm-- ("Computers have a strange habit of doing what you say, not what you mean." - SANS Top 25 Most Dangerous Programming Errors) Shreyas Zare Co-Founder, Technitium eMail: shreyas () technitium com ..::< The Technitium Team >::.. Visit us at www.technitium.com Contact us at theteam () technitium com Join Sci-Tech News group and get the latest science & technology news in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news to join. ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
-- ("Computers have a strange habit of doing what you say, not what you mean." - SANS Top 25 Most Dangerous Programming Errors) Shreyas Zare Co-Founder, Technitium eMail: shreyas () technitium com ..::< The Technitium Team >::.. Visit us at www.technitium.com Contact us at theteam () technitium com Join Sci-Tech News group and get the latest science & technology news in your inbox. Visit http://tech.groups.yahoo.com/group/sci-tech-news to join. ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- DHCP Doug McFarland (May 22)
- Re: DHCP Shreyas Zare (May 22)
- Message not available
- Re: DHCP Shreyas Zare (May 22)
- Message not available
- Re: DHCP Tim Clewlow (May 22)
- <Possible follow-ups>
- Re: DHCP auto431078 (May 22)
- Fw: Re: DHCP ( ( ( belly ) ) ) (May 25)