Re: DHCP security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/09/2007 06:49 PM, Ed Greshko wrote:
> Ashley M. Kirchner wrote:
>>    While I realize DHCPd isn't a security program of any kind, this does
>> have to do with it.  So I just switched our entire network over to DHCP
>> assigned IPs in preparation for another project.  But in doing that,
>> I've come to realize that anyone could plug in their machine and
>> manually set their IP address and by-pass the DHCP discovery all
>> together.  And thus also gaining access to our internal network,
>> something we might not necassarily want to allow.  So the question now
>> is, is there some way to restrict traffic to only those assigned IPs
>> (through DHCP) and block anything else that happens to show up on the
>> network?  Maybe through iptables somehow?
> 
> FWIW, I feel the only truly secure way to do this is to use managed switches.
> 

I've been on university systems that use a hotel-like system.  On the
first connection on port 80 to any address, one is directed to an
authentication page.  All access is blocked to any address on all ports
until that authentication is given.

- --

  Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFHDBfpeERILVgMyvARAqEtAJ45OFblzAXb9xmn0ZZoj10OY+GU6QCfRvsK
fpS4uNoJtTC1KH8yvWffFak=
=0Cr/
-----END PGP SIGNATURE-----


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux