Network Security: Detailed info on Re: Blocking Access to Non-domain computers

Subject:	Re: Blocking Access to Non-domain computers
Date:	Tue, 24 Aug 2004 05:30:17 -0500

Subject:

Re: Blocking Access to Non-domain computers

Date:

Tue, 24 Aug 2004 05:30:17 -0500

On Thursday 19 August 2004 09:58, Brian Gehrke wrote:

I am running a W2K domain, using DHCP.  Is it possible to block
non-domain computers from getting an IP address from the DHCP server, so
they will not be able to access the Internet through the network.

Brian


I can see two ways to do this. One, assign all the systems a static lease, 
then create an exclusion so that there are no free addresses available. Two, 
implement port security at the switches so that only authorized MAC addresses 
can connect to the network. But so far as I'm aware, there's no way to limit 
DHCP assignments to domain members, as the server has no way to know if 
you're a domain member or not until the system has gotten an IP and can send 
its credentials.

If someone else has a better idea, I'd love to hear it.

-- 
Recursion: n. See Recursion

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Blocking Access to Non-domain computers, Brian Gehrke Re: Blocking Access to Non-domain computers, Ansgar -59cobalt- Wiechers Re: Blocking Access to Non-domain computers, Andreas Re: Blocking Access to Non-domain computers, Peter Wohlers Re: Blocking Access to Non-domain computers, Rob Hughes <= Re: Blocking Access to Non-domain computers, Oleksandr Darchuk Re: Blocking Access to Non-domain computers, Alexandre Verriere RE: Blocking Access to Non-domain computers, Steven A. Fletcher RE: Blocking Access to Non-domain computers, Raoul Armfield Re: Blocking Access to Non-domain computers, Richard Boswell Re: Blocking Access to Non-domain computers, Don Voss RE: Blocking Access to Non-domain computers, Dan and Liz Boyson Re: Blocking Access to Non-domain computers, Balaji Prasad RE: Blocking Access to Non-domain computers, Steven A. Fletcher RE: Blocking Access to Non-domain computers, Barrie Dempster

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: Securing web site with redundancy ?, aditya shah
Next by Date:	[Full-Disclosure] Re: Images being pulled in Outlook 2003 even though don't download pictures is set?, Jason Coombs PivX Solutions
Previous by Thread:	Re: Blocking Access to Non-domain computers, Peter Wohlers
Next by Thread:	Re: Blocking Access to Non-domain computers, Oleksandr Darchuk
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: Securing web site with redundancy ?, aditya shah

Next by Date:

[Full-Disclosure] Re: Images being pulled in Outlook 2003 even though don't download pictures is set?, Jason Coombs PivX Solutions

Previous by Thread:

Re: Blocking Access to Non-domain computers, Peter Wohlers

Next by Thread:

Re: Blocking Access to Non-domain computers, Oleksandr Darchuk

Indexes:

[Date] [Thread] [Top] [All Lists]