Security Basics mailing list archives
RE: Down with DHCP!!!!
From: "Steven Jones" <Steven.Jones () vuw ac nz>
Date: Thu, 23 Feb 2006 11:51:00 +1300
While giving say 3 or 4 machines static IPs is OK, 5000 is impossible.....DHCP offers us no issues with following security issues. We often lock an IP to a MAC address and deny new machines where we know the area is physically insecure, eg a student lab. So dhcp has far more positive uses than not. Regards Steven -----Original Message----- From: Mitch Pope [mailto:mitch () bigbridge com au] Sent: Wednesday, 22 February 2006 12:27 p.m. To: security-basics () securityfocus com Subject: RE: Down with DHCP!!!! Totally agree, I could not imagine running any network with more than 10 machines without DHCP. It's one of the protocols that actually make life easier for sys admins, and when setup correctly you can know exactly who had the lease at any given time. Regards, Mitch Pope -----Original Message----- From: Brian Loe [mailto:knobdy () gmail com] Sent: Wednesday, 22 February 2006 12:45 AM Cc: security-basics () securityfocus com Subject: Re: Down with DHCP!!!! I would make jokes about your last comment, but I'm too weirded out by this whole thread to even try. The company I work for, which is hardly at the forefront of security, can tell you when a new machine is added to the network, the instant it is added. Very soon, we'll be implementing port security on all of our switches and a centralized log server to gather data from every device on our network. Your reasons for wanting to dump DHCP are as flawed as the original poster's reasoning. Right now I can log into a FREE piece of software I have implemented here and tell you what MAC address had which IP address - for any period of time going back 2 weeks (and I could configure it to keep the records longer). Eventually everything will be getting logged in such a way that I'll be able to tell you when an "incident" occured, on what network, via which MAC address on which port of which switch...etc. I will be doing all of this with freely available, open source code that you could download and install right now...if you were in a position to do so. On 18 Feb 2006 16:01:57 -0000, Y0 () non net <Y0 () non net> wrote:
I, too, would like to do away with DHCP. Not only for the reasons you
have outlined, but also because it is easier to track incidents back to a specific host, without worrying about whether or not the lease has expired.
Unfortunately, I am not in a position to mandate that change.
------------------------------------------------------------------------ --- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Down with DHCP!!!!, (continued)
- Re: Down with DHCP!!!! rob . lucchetti (Feb 21)
- Re: Down with DHCP!!!! someone (Feb 21)
- Re: Down with DHCP!!!! a_wirtz (Feb 21)
- RE: Down with DHCP!!!! Steven Johnston (Feb 21)
- Re: Down with DHCP!!!! jalvare7 (Feb 21)
- RE: Down with DHCP!!!! Jasun Tate (Feb 21)
- Re: Down with DHCP!!!! gigabit (Feb 22)
- Re: Down with DHCP!!!! tandernam (Feb 22)
- Re: Down with DHCP!!!! Brian Loe (Feb 22)
- RE: Down with DHCP!!!! Michael J. Benedetto (Feb 23)
- RE: Down with DHCP!!!! Steven Jones (Feb 22)
- RE: Down with DHCP!!!! Bergert, David (Feb 23)
- Re: RE: Down with DHCP!!!! anon (Feb 24)
- Re: Re: RE: Down with DHCP!!!! jctcmb (Feb 25)
- Re: Re: Re: RE: Down with DHCP!!!! me (Feb 27)