hi andrew i think you want at least one level of protection against dhcp - prevent any tom, dick and harry from creating havoc by running their rootkits by connecting their laptop to the network
- it is bad to allow just anybody plug in their laptops with all the fun virus' and rootkits and let them run amuck and than disappear after causing major "email traffic: what happened" and have to go fix it ( whatever they did ) - all you know is somebody plugged something in at a ip# or mac address - i like setting up a dummy 386 machine that uses up all the unused ip# to prevent people from picking arbitrary ip# that they should NOT be using ( that is supposedly available ) - spoofing and other techie stuff requires one more year of school and yes... that is lot harder to prevent by the determined hacker or employee-that-wanna-get-around-the-dumb-security-policy c ya alvin On Tue, 29 Oct 2002, Andrew Sayers wrote: > I'm not a huge expert on all of this, but here are a couple of > thoughts... > > Unless you're monitoring IP/MAC addresses to try and detect > spoofing, knowing a machine's IP address is already useless from a > security POV. Even then, MAC addresses can be spoofed. Given that, > DHCP can't really make things much worse :) > > Another problem is that ISTR some mis-configured Win2K boxes run a DHCP > server by default, and some mis-configured students will doubtless enjoy > bringing rogue servers onto your network. You should make sure to look > out for any unauthorised DHCP-offer packets floating around. > > Similarly, students could potentially use a rogue DHCP server as the > first stage in an attack against another machine. This would be a lot > of work, though - anyone smart enough to do this is probably wouldn't > need to change their marks on the exam :) > > - Andrew Sayers > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]