On Tue, 2007-10-09 at 20:15 +0000, Mike C wrote: > Ashley M. Kirchner <ashley <at> pcraft.com> writes: > > So the question now > > is, is there some way to restrict traffic to only those assigned IPs > > (through DHCP) and block anything else that happens to show up on the > > network? Maybe through iptables somehow? > > You can usually arrange to restrict machine that connect to only those with > specified MAC address on the connecting interface - whilst this can be worked > around by someone clever they would need to spoof the known MAC address of one > of the machine in your list - but it is safer than not having a restriction to > only known MAC addresses > HTH > > > You can use NetReg (http://netreg.sourceforge.net/) to strengthen your dhcp access. On the other hand you can user arpwatch to see if a system changes it's hw address. And last, but not least you can use an authenticated firewall (NuFW comes right now into my mind). HTH Calin ================================================= Isn't it strange that the same people that laugh at gypsy fortune tellers take economists seriously?