This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

allow dhcp only for known mac addresses

This feature looks rather simple to implement:

I would like to be able to enter mac addresses from the pc's that are known to me, and allow only those networkcards to receive an ip address.

Currently, it's a dhcp-on or dhcp-off situation, unless I'm missing something.

I know it's no defence against intruders,but still, I'd like to control the handing out of ip addresses.

mj

This thread was automatically locked due to age.

0 BarryG over 17 years ago in reply to mourik_jan

I seem to have caused lot of reactions. Anyway, the only reason i want to do this, is because without mac registration everybody plugs-in their incredibly infected laptops in my network, and starts spreading trojans and infecting others with virusses

This is the only thing I am trying to make harder.

The recommendation below, in conjunction with my initial recommendation, should work well.
The only thing I can think of that it wouldn't protect against would be if there were a exploit in your PCs which could be attached by broadcast traffic (uPnP?)

Barry

And for the DHCP Problem...
just give out a IP Range that lives outside of your Subnet, so a "unknown" PC can´t talk to anything...
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 17 years ago in reply to BarryG

An additional option, if you want to allow people to plugin untrusted laptops, is to have a subnet for them, and a gateway (second IP on interface), but have rules to DENY all traffic from that subnet to your LANs and SMTP proxy.

This requires the items from the post directly above be implemented first.

Barry
Cancel
Vote Up 0 Vote Down

Cancel