Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: prevent DHCP server giving out leases to non-domain machines?

from [Murad Talukdar] Network Security [Permanent Link]
Subject: RE: prevent DHCP server giving out leases to non-domain machines?
Date: Wed, 28 Dec 2005 12:11:00 +1000 
Thanks for all the replies. I can see now that my first thought on it was
correct-ie that the DHCP process takes place first and below the domain
radar so to speak, I was trying to work out whether there was any 'MS' way
of preventing this.
I can see that using the switch based solution might be good and I will
check out Oliver's suggestion too.
Further to this, how does spoofing the MAC address affect the whole leasing
process? Especially if there is already a card with the same MAC on the
subnet? 

Regards
Murad Talukdar

-----Original Message-----
From: Oliver Schneider [mailto:Borbarad@gmxpro.net] 
Sent: Thursday, December 22, 2005 1:19 AM
To: Murad Talukdar
Subject: Re: prevent DHCP server giving out leases to non-domain machines?

Security Focus admins usually refuse my mails for whatever reason, so I
reply directly. You can forward this to the mailing list!

I've written a DHCP extension DLL which was tested on Windows 2000 and takes
a configuration file similar to the one Apache uses. The older version is
available from my website and was implemented in Delphi:
http://assarbad.net/stuff/!export/mackerer.rar

A newer version with the Apache-like conf file is still on my hard drive and
is in use in our Server/Client environment for almost 2 years now and has
proven stable. However, both were implemented for Windows 2000 and I need to
check compatibility with Windows 2003.

Cheers,

Oliver


--- Ursprüngliche Nachricht ---
Von: Murad Talukdar <talukdar_m@subway.com>
An: focus-ms@securityfocus.com
Betreff: prevent DHCP server giving out leases to non-domain machines?
Datum: Wed, 21 Dec 2005 11:59:33 +1000

Hi,
Is there a way to stop a W2003 DHCP server from giving out leases for IP's
if a machine does not belong to the domain? 
Or is this a fruitless question that someone simply needs to point out
something very simple to me.

A machine can't join the domain if it doesn't have an IP first(chicken and
egg type thing) I can see that but obviously I'm missing something
here-perhaps it's a question of layers-the domain is working at a 'higher'
layer?
Kind Regards
Murad Talukdar


 





---------------------------------------------------------------------------



---------------------------------------------------------------------------




-- 
---------------------------------------------------
May the source be with you, stranger ;)

ICQ: #281645
URL: http://assarbad.net




---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  SecurityFocus Microsoft Newsletter #271, Marc Fossi
Next by Date:  Security events with same timestamp, nandini_pani
Previous by Thread:  RE: prevent DHCP server giving out leases to non-domain machines?, Slawek
Next by Thread:  SecurityFocus Microsoft Newsletter #270, Marc Fossi
Indexes:  [Date] [Thread] [Top] [All Lists]