Firewall Wizards mailing list archives
Re: DHCP in a corporate MS environment - Security Risk?
From: "Ben Nagy" <ben () iagu net>
Date: Fri, 24 Jan 2003 09:08:41 +0100
----- Original Message ----- From: "Gary Flynn" <flynngn () jmu edu> [...]
Ben Nagy wrote:I remember many years ago now people were working on stuff that gave you
a
DHCP lease on a temp VLAN (so you could get IP) then authenticated you,
then
gave you another lease on a different VLAN as per your credentials. The problem was that it was really convoluted, and DHCP/database server
failure
was a show stopper.
[...]
You mean something like this:
http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/urt/uurt/ur1p lan.htm Something exactly like that, actually. ;) Convoluted, requires an all Cisco switched to the user environment and the URT server is a point of failure.
From what I hear it didn't sell well, despite being a fantastically cool
technical solution to a hard problem. I noticed that you were involved in a unisog discussion about this stuff, Gary - I couldn't find enough of the messages in my quick search to work out whether anyone had a solution that they were satisfied with that didn't require quite as much single vendor tomfoolery (not that I don't love Cisco, by the way). I think I saw something similar, as well, coming out of a University that had to deal with the wireless issue, using VPN clients and proxies which was a seriously cool solution, although only tangentially related and I'm not sure if it made it onto this list. Given the new whitepaper on wireless MAC spoofing (and detection measures for same) I guess people will be thinking about all that again. Cheers, ben _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: DHCP in a corporate MS environment - Security Risk?, (continued)
- Re: DHCP in a corporate MS environment - Security Risk? Luca Berra (Jan 28)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 29)
- Re: DHCP in a corporate MS environment - Security Risk? Luca Berra (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? Noonan, Wesley (Jan 21)
- RE: DHCP in a corporate MS environment - Security Risk? Paul D. Robertson (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? David Lang (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? Paul Robertson (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? Paul D. Robertson (Jan 22)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 23)
- Re: DHCP in a corporate MS environment - Security Risk? Gary Flynn (Jan 24)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 24)
- RE: DHCP in a corporate MS environment - Security Risk? David Lang (Jan 22)