Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Blocking Access to Non-domain computers

from [Steven A. Fletcher] Network Security [Permanent Link]
Subject: RE: Blocking Access to Non-domain computers
Date: Tue, 24 Aug 2004 23:53:56 -0500 
That is the only option I can think of.  If you think about it, how
could you keep non-domain computers from getting an IP address?  As far
as I know, there is no provision in DHCP for such control.  For the
system to determine whether or not to give the machine an address, the
machine would need to be able to communicate with the domain
controllers, which would require an IP address for the communication to
be able to happen.

Steve Fletcher
Senior Network Engineer, MCSE (NT4/Win2k), HP Master ASE, CCNA,
Security+
Integrity Technology Solutions
Phone: (309)664-8129
Toll Free: (888) 764-8100 ext. 129
Fax: (309) 662-6421
sfletcher@integrityts.com
 

-----Original Message-----
From: Andreas [mailto:andreas@inferno.nadir.org] 
Sent: Monday, August 23, 2004 2:16 PM
To: security-basics@securityfocus.com
Subject: Re: Blocking Access to Non-domain computers

Hello,

On Thursday 19 August 2004 16:58, Brian Gehrke wrote:

I am running a W2K domain, using DHCP.  Is it possible to block
non-domain computers from getting an IP address from the DHCP server,

so

they will not be able to access the Internet through the network.


is dhcp by mac address (which of course can easily be spoofed) 
an option?

regards,
andreas

------------------------------------------------------------------------
---
Computer Forensics Training at the InfoSec Institute. All of our class
sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand
skills of
a certified computer examiner, learn to recover trace data left behind
by
fraud, theft, and cybercrime perpetrators. Discover the source of
computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
------------------------------------------------------------------------
----



---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: User Activity Monitoring, Ansgar -59cobalt- Wiechers
Next by Date:  Re: Internet filtering at the packet level?, Brian Kim
Previous by Thread:  Re: Blocking Access to Non-domain computers, Alexandre Verriere
Next by Thread:  RE: Blocking Access to Non-domain computers, Raoul Armfield
Indexes:  [Date] [Thread] [Top] [All Lists]