Re: MAC address registrations

[Arturo Lev Servin <aservin () ITESM MX>]

Hi,

       I have a couple of questions.

> Kevin Shalla wrote:
>
> > What do others do regarding registering MAC addresses?  Do you have
> > policies regarding who is allowed a routable IP address, or who is allowed
> > a static IP address?
>
> Kevin,
>
> We have a DHCP based system that registers all computers as
> they come online. It is not a security measure as much as
> an administrative aid as it can be circumvented but we haven't
> found anyone doing it yet. It has proved invaluable in helping
> improve incident response, mobile computing, and address
> management.
>
> There is a package called NetReg that many schools use to
> perform this task for their residence networks. Take a look
> at it. It should be easily found on Google. Our system is a
> home grown package but I think it works approximately the same
> way. Here is a summary of how it works:
>
> 1) Client issues DHCP request
>
> 2) If client's MAC address is not in the DHCP server table, the
>    DHCP server furnishes an IP address that is restricted by
>    router filters and given a DNS server that will resolve all
>    DNS lookups to a registration web site.

       So, in the same vlan you have "invalid" and "valid" ip addresses?

       If so, how do you deny that a user sniff the network and
asign itself a static IP address of the valid pool?

Thanks in advance,
-as




--
*****************************

Arturo Lev Servin Niembro
aservin () itesm mx
+52 (81) 8358-1400 ext.4131
Telecomunicaciones y Redes
Vicerrectoria de Tecnologias de Informacion
Tecnologico de Monterrey

*****************************

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.