Firewall Wizards mailing list archives
Re: DHCP in a corporate MS environment - Security Risk?
From: Luca Berra <bluca () comedia it>
Date: Wed, 29 Jan 2003 00:23:21 +0100
On Sat, Jan 25, 2003 at 12:53:35AM +0100, Luca Berra wrote:
On Wed, Jan 22, 2003 at 09:21:25AM +0100, Ben Nagy wrote:Put me down as a "me too" for Wes's post. Static IP assignment for individual clients is insane. If you want strong(ish) machine-based security then look at switch port MAC filters; they're also insane from a management point of view but at least they actually offer a positive security delta.you will probably want to implement 802.1X, MAC filters are a nightmare to manage.
besides that mac address can be faked, and if the scenario is someone having access to the client workstation lan and trying to escalate privileges it is not even difficult to gather the correct ip/mac combo. L. -- Luca Berra -- bluca () comedia it Communication Media & Services S.r.l. /"\ \ / ASCII RIBBON CAMPAIGN X AGAINST HTML MAIL / \ _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- DHCP in a corporate MS environment - Security Risk? Eye Am (Jan 21)
- Re: DHCP in a corporate MS environment - Security Risk? David Lang (Jan 21)
- Re: DHCP in a corporate MS environment - Security Risk? yossarian (Jan 22)
- Re: DHCP in a corporate MS environment - Security Risk? Bill Royds (Jan 22)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 22)
- Re: DHCP in a corporate MS environment - Security Risk? Luca Berra (Jan 24)
- Re: DHCP in a corporate MS environment - Security Risk? Luca Berra (Jan 28)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 29)
- Re: DHCP in a corporate MS environment - Security Risk? Luca Berra (Jan 24)
- Re: DHCP in a corporate MS environment - Security Risk? Luca Berra (Jan 22)
- <Possible follow-ups>
- RE: DHCP in a corporate MS environment - Security Risk? Noonan, Wesley (Jan 21)
- RE: DHCP in a corporate MS environment - Security Risk? Paul D. Robertson (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? David Lang (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? Paul Robertson (Jan 22)
- RE: DHCP in a corporate MS environment - Security Risk? Paul D. Robertson (Jan 22)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 23)
- Re: DHCP in a corporate MS environment - Security Risk? Gary Flynn (Jan 24)
- Re: DHCP in a corporate MS environment - Security Risk? Ben Nagy (Jan 24)