If you are using an NT domain structure and win95/98/NT clients, set the
workstations up the way you want them (static or dynamic) and then use a
system/user policy (System Policy Editor) to restrict access to the
Network control panel to all except administrators. That should keep
users from changing their settings.
If you want to filter by machine name, I think MS Proxy 2.0 allows you
to add machine names to a list of computers who will be allowed/denied
access through it. If you used this proxy or one of its equivalents, you
could deny outgoing http traffic to all except the proxy and restrict
access by host at the proxy. Actually, I think that both M$'s product
and most other proxy's will first resolve the computername to IP before
actually screening, so this might not be what you are looking for,
unless you can keep users from changing IP's.
As many firewalls allow screening by domain name, you might try putting
a couple of FullyQualifiedDomainNames in the filter and see whether it
reads the host as a subdomain and allows you to screen it. Therefore
adding "casanova.biltrite.tsu.edu" to the 'disallowed domains' list
might actually screen a host (casanova) with this FQDN, even though
technically it's a hostname and a (sub)domain name(s).
Hope this helps. I know there are several solutions out there.
Dave Shackelford
IP Network Engineer
[EMAIL PROTECTED]
(714) 872-2344
'Good, Fast, Cheap. Pick two.'
> -----Original Message-----
> From: Matt Farwell [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 16, 1999 11:36 AM
> To: [EMAIL PROTECTED]
> Subject: machine names
>
>
> I am looking for a way to restrict machine names on our network.
> Possibly restrict who is able to access the dhcp server. In effect
> limiting who is able to use tcp/ip on the network without statically
> assigning an ip.
>
> Is it possible to filter traffic based upon the machine name that is
> assigned to a microsoft based client?
>
> Any other suggestions are welcome.
>
> Thanks in advance,
>
> Matt Farwell
> Truman State University
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
