Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: DHCP in a corporate MS environment - Security Risk?

From: Paul Robertson <proberts () patriot net>
Date: Wed, 22 Jan 2003 17:57:21 -0500 (EST)
On Wed, 22 Jan 2003, David Lang wrote:


Paul (and others refering to the headachs of static addresses)

if you staticly assign the addresses via DHCP does your opposition still
stand?


Actually, that's what I don't like to do.  I don't mind managing static 
address assignments for servers (I've never had major issues with 
renumbering server networks.)


doing this gains you the central management advantages of DHCP


It adds another machine in the "must be working" dependency chain, and 
that's not something I tend to do lightly.  


since the address management is centralized it's much easier to avoid
duplicates.


If servers are up and running, checking before assigning a new number 
isn't all that difficult.

The few times I've had to do major renumbering, it's been a good thing to 
go touch all the servers.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: