On Jan 29, 2008 11:52 AM, Bryan Scott <[EMAIL PROTECTED]> wrote: > Tom DeReggi wrote: > > Yes but there are some security concerns with DHCP when sharing wireless > > sectors. To prevent requires tracking MAC addressess, which is one more > > headache to track. Sure if you are doing true 802.11 CPE, no problem, the > > link uses the MAC of the CPE that you already know, but when supporting true > > bridging, it means discovering teh MAC of the customer provided Home Router. > > Any radio worth its salt that does true bridging would also have a > bridging table that is accessible via SNMP or HTML screen scraping. One > of our in-house programs polls all the AP's (we're a Canopy outfit, but > same principles apply to most Ethernet-based gear) and saves the MAC > addresses to a database, where I match the MACs to the subscriber's > radio and back to their account. > > It's usefulness is most apparent when a customer wonders why their > connection is lousy and we can see that they've either got 1) their > radio plugged into a switch instead of a router and we can see all their > computers, or 2) their computer is doing one of those > change-my-mac-every-10-seconds network attack things. > > Our central DHCP server logs which router the requests come from as > well, helping us to narrow down which section of the network to search > in the case that the MAC doesn't show up in any of the radios.
So what happens when the customer plugs the radio into the switch and is broadcasting his local DHCP info to everybody? That would really mess up the network. -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
