Vulnerability Development mailing list archives
DHCP and Security
From: Rob.Nitzenberger () PENTAGON AF MIL (Nitzenberger, Rob, MSgt, AF/XORR)
Date: Thu, 3 Feb 2000 13:16:08 -0500
Need a policy read folks: The system I "manage" has 3200 users at various locations throughout the world, managed by a central NOC. Our firewall permissions (protocol and port) are highly restrictive and report any unauthorized actions (ftp, pings, finger,.....). The NOC gets a report from the firewall indicating which IP was the "offender". If I the LAN clients are configured with static IP's, it's easy to attribute the offending action with a LAN client, but with DHCP (which is the method of choice for our sys admin types), it has proven difficult to "map" an IP address back to a specific user... lease times expire, inadequate event logging..etc. How can I configure DHCP to balance the need for security with the wishes of the sys admin folks? Any Ideas? Rob Nitzenberger thenitz () email com
Current thread:
- Re: distributed.net and seti@home, (continued)
- Re: distributed.net and seti@home Sen_Ml Sen_Ml (Feb 01)
- Re: distributed.net and seti@home Kerneels (Feb 02)
- Re: distributed.net and seti@home Granquist, Lamont (Feb 03)
- Re: distributed.net and seti@home Steffen Zahn (Feb 04)
- Re: distributed.net and seti@home Sen_Ml Sen_Ml (Feb 01)
- Possible DHCP DOS attack Paul Keefer (Feb 02)
- Re: Possible DHCP DOS attack Sebastian Andersson (Feb 02)
- Re: Possible DHCP DOS attack Eric Hacker (Feb 03)
- Re: Possible DHCP DOS attack C.J. Oster (Feb 03)
- Re: Possible DHCP DOS attack Erik Fichtner (Feb 03)
- Re: Possible DHCP DOS attack Matthew S. Hallacy (Feb 03)
- DHCP and Security Nitzenberger, Rob, MSgt, AF/XORR (Feb 03)
- Re: DHCP and Security Erik Fichtner (Feb 03)
- Re: DHCP and Security Seth R Arnold (Feb 04)
- Re: DHCP and Security Jeff Bachtel (Feb 05)
- Re: Possible DHCP DOS attack Michal Zalewski (Feb 03)
- Re: Possible DHCP DOS attack Blue Boar (Feb 03)
- Re: distributed.net and seti@home Andrew Brown (Feb 02)