| 1 |
Hi Chris, |
| 2 |
on Tuesday, 2006-01-17 at 17:50:01, you wrote: |
| 3 |
> Say, I have a DHCP server is distributing 172.30.10.0/24 IP range, |
| 4 |
> but a joker simply plug in another DHCP server and distributing |
| 5 |
> 192.168.12.0/24 IP. Is there anyway I can stop the unwanted DHCP broadcast? |
| 6 |
|
| 7 |
That's a network infrastructure and policy issue. Use port security in |
| 8 |
your switches, i.e. filter by MAC addresses so everybody who wants to |
| 9 |
plug in their machine hast to pass by your desk and register their MAC. |
| 10 |
Set up dhcpcd on every machine to log its actions to syslog so you can |
| 11 |
determine the MAC address of every fake server that assigned some wrong |
| 12 |
address. Then get a cat-5-o'nine-tails |
| 13 |
(http://www.tasigh.org/tuq/whips.html) and wait. |
| 14 |
|
| 15 |
regards |
| 16 |
Matthias |
| 17 |
|
| 18 |
-- |
| 19 |
I prefer encrypted and signed messages. KeyID: FAC37665 |
| 20 |
Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 |
Archives