Security Basics mailing list archives

Re: DHCP

From: Nikhil Wagholikar <visitnikhil () gmail com>
Date: Fri, 22 May 2009 22:57:58 +0530

Hi Doug McFarland,

Microsoft Windows 2008 has a feature called "Network Access Control"
(NAC), which can help in addressing your problem.

Somewhat similar feature is available in Microsoft Windows 2003 called
"Network Access Quarantine Control" (NAQC).

More Information:

1. Server 2003’s Network Access Quarantine Control: What is it and How
Does it Enhance Security? -
http://www.windowsecurity.com/articles/Server-2003-Network-Access-Quarantine-Control-Security.html

2. Network Access Quarantine Control in Windows Server 2003 -
http://technet.microsoft.com/en-us/library/bb726973.aspx

Hope this helps.

---
Nikhil Wagholikar
Practice Lead | Security Assessments & Digital Forensics
Network Intelligence (India) Pvt. Ltd. [NII Consulting]
Web: http://www.niiconsulting.com/
Comprehensive Information Security Trainings:
http://iisecurity.in/courses/Training%20Calendar.html


2009/5/22 Doug McFarland <djm () yantarni com gt>


Hi all,



I am looking for a way to block any PC that plugs into my network that is
not authorized to access any network resources-servers, firewalls, etc. Is
there a way in DHCP that I can add reservations just for the PCs that I want
to allow the network resources and any other pc/laptop that happens to be
plugged into the network either doesn't get an IP address, gets a dummy IP
address, or something else? I've heard Windows Server 2008 can do this, but
I'm not sure about 2003. Any suggestions would be greatly appreciated.



Best regards,



djm





------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. 
Gain a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------

Current thread:

DHCP Doug McFarland (May 22)
- Re: DHCP John Bailey (May 22)
  - RE: DHCP Cisternas Marquez, Gonzalo (May 25)
- Re: DHCP Gustavo Campos (May 22)
- RE: DHCP Valentin Fernandez Bolland (May 22)
  - Message not available
    - Re: DHCP Eric Kollmann (May 22)
    - Re: DHCP Tim Clewlow (May 22)
- Re: DHCP Shreyas Zare (May 22)
  - Message not available
    - Re: DHCP Shreyas Zare (May 22)
- RE: DHCP David Gillett (May 22)
- Re: DHCP Nikhil Wagholikar (May 22)
- Re: DHCP Philip Holbrook (May 22)
  - Re: DHCP Tim Clewlow (May 22)
- Re: DHCP bart knippenberg (May 25)
- <Possible follow-ups>
- Re: DHCP auto431078 (May 22)
- Fw: Re: DHCP ( ( ( belly ) ) ) (May 25)