DHCP allocates IP addresses dynamically. How does DHCP know which (fixed
printer) IP addresses to stay away from? Does anyone know of a way to get
this list?
Well, actually that depends upon how you configure the DHCP server.
You can configure it to have a MAC address whitelist and to always give
a specific MAC address a specific IP address (a bit more secure and
makes auditing network events much easier as well).
The ISC DHCP server would have lines such as this:
host zaurak {
hardware ethernet 00:e0:98:b0:e1:7d;
fixed-address zaurak.vix.com;
}
for each allowed MAC address.
With or without a whitelist, by defining address pools, you can tell
the server which addresses to hand out and which ones to not use.
Again for the ISC DHCP server config file would use lines such as
the following for each dynamic block:
subnet 192.5.5.0 netmask 255.255.255.0 {
range 192.5.5.26 192.5.5.30;
option name-servers bb.home.vix.com, gw.home.vix.com;
option domain-name "vix.com";
option routers 192.5.5.1;
option subnet-mask 255.255.255.0;
option broadcast-address 192.5.5.31;
default-lease-time 600;
max-lease-time 7200;
}
(to allocate .26 to .30)
Skip
--
Dr. Everett (Skip) Carter Phone: 831-641-0645 FAX: 831-641-0647
Taygeta Network Security Services email: skip@taygeta.net
1340 Munras Ave., Suite 314 WWW: http://www.taygeta.net/
Monterey, CA. 93940
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
