1 |
Hi Chris, |
2 |
on Tuesday, 2006-01-17 at 17:50:01, you wrote: |
3 |
> Say, I have a DHCP server is distributing 172.30.10.0/24 IP range, |
4 |
> but a joker simply plug in another DHCP server and distributing |
5 |
> 192.168.12.0/24 IP. Is there anyway I can stop the unwanted DHCP broadcast? |
6 |
|
7 |
That's a network infrastructure and policy issue. Use port security in |
8 |
your switches, i.e. filter by MAC addresses so everybody who wants to |
9 |
plug in their machine hast to pass by your desk and register their MAC. |
10 |
Set up dhcpcd on every machine to log its actions to syslog so you can |
11 |
determine the MAC address of every fake server that assigned some wrong |
12 |
address. Then get a cat-5-o'nine-tails |
13 |
(http://www.tasigh.org/tuq/whips.html) and wait. |
14 |
|
15 |
regards |
16 |
Matthias |
17 |
|
18 |
-- |
19 |
I prefer encrypted and signed messages. KeyID: FAC37665 |
20 |
Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 |