Firewall Wizards mailing list archives
RE: DHCP in a corporate MS environment - Security Risk?
From: "Noonan, Wesley" <Wesley_Noonan () bmc com>
Date: Thu, 23 Jan 2003 11:26:22 -0600
I think that Cisco's User Registration Tool (URT) does something similar to this, whereby users are authenticated into VLAN's which in turn pulls new addresses from DHCP based on those VLANs. I have never used the tool myself however. http://www.cisco.com/en/US/customer/products/sw/secursw/ps2136/index.html HTH Wes Noonan, MCSE/CCNA/CCDA/NNCSS/Security+ Senior QA Rep. BMC Software, Inc. (713) 918-2412 wnoonan () bmc com http://www.bmc.com
-----Original Message----- From: Ben Nagy [mailto:ben () iagu net] Sent: Thursday, January 23, 2003 02:01 To: Darden, Patrick S.; firewall-wizards () honor icsalabs com Subject: Re: [fw-wiz] DHCP in a corporate MS environment - Security Risk? Hi Patrick, Do you have any links or references to good solutions along these lines? I remember many years ago now people were working on stuff that gave you a DHCP lease on a temp VLAN (so you could get IP) then authenticated you, then gave you another lease on a different VLAN as per your credentials. The problem was that it was really convoluted, and DHCP/database server failure was a show stopper. It would be great to be able to so "user-based" dhcp where you can put people into pools of dynamic addresses based on login, I just didn't think it was workable. Cheers, ben ----- Original Message ----- From: "Darden, Patrick S." <darden () armc org> [...] Subject: RE: [fw-wiz] DHCP in a corporate MS environment - Security Risk?Another possibility would be a more secure alternative to DHCP. With Radius (just one example) you can require that people authenticate off of user database (Unix passwd/shadow file, LDAP, NT Domain, ADS....)[...]--Patrick Darden_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: DHCP in a corporate MS environment - Security Risk?, (continued)
- RE: DHCP in a corporate MS environment - Security Risk? Paul D. Robertson (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? David Lang (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? Paul Robertson (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? Paul D. Robertson (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? Darden, Patrick S. (Jan 22)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 23)
- Re: DHCP in a corporate MS environment - Security Risk? Gary Flynn (Jan 24)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 24)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 23)
- RE: DHCP in a corporate MS environment - Security Risk? David Lang (Jan 22)