Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Down with DHCP!!!!

from [Steven Jones] Network Security [Permanent Link]
Subject: RE: Down with DHCP!!!!
Date: Thu, 23 Feb 2006 11:51:00 +1300 
While giving say 3 or 4 machines static IPs is OK, 5000 is
impossible.....DHCP offers us no issues with following security issues. 

We often lock an IP to a MAC address and deny new machines where we know
the area is physically insecure, eg a student lab. So dhcp has far more
positive uses than not.

Regards

Steven



-----Original Message-----
From: Mitch Pope [mailto:mitch@bigbridge.com.au] 
Sent: Wednesday, 22 February 2006 12:27 p.m.
To: security-basics@securityfocus.com
Subject: RE: Down with DHCP!!!!

Totally agree, I could not imagine running any network with more than 10
machines without DHCP.  It's one of the protocols that actually make
life
easier for sys admins, and when setup correctly you can know exactly who
had
the lease at any given time.

Regards,
Mitch Pope

-----Original Message-----
From: Brian Loe [mailto:knobdy@gmail.com] 
Sent: Wednesday, 22 February 2006 12:45 AM
Cc: security-basics@securityfocus.com
Subject: Re: Down with DHCP!!!!

I would make jokes about your last comment, but I'm too weirded out by
this whole thread to even try. The company I work for, which is hardly
at the forefront of security, can tell you when a new machine is added
to the network, the instant it is added. Very soon, we'll be
implementing port security on all of our switches and a centralized
log server to gather data from every device on our network.

Your reasons for wanting to dump DHCP are as flawed as the original
poster's reasoning. Right now I can log into a FREE piece of software
I have implemented here and tell you what MAC address had which IP
address - for any period of time going back 2 weeks (and I could
configure it to keep the records longer). Eventually everything will
be getting logged in such a way that I'll be able to tell you when an
"incident" occured, on what network, via which MAC address on which
port of which switch...etc. I will be doing all of this with freely
available, open source code that you could download and install right
now...if you were in a position to do so.


On 18 Feb 2006 16:01:57 -0000, Y0@non.net <Y0@non.net> wrote:

I, too, would like to do away with DHCP. Not only for the reasons you

have
outlined, but also because it is easier to track incidents back to a
specific host, without worrying about whether or not the lease has
expired.


Unfortunately, I am not in a position to mandate that change.



------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting
experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity
Planning,

Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---




------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting
experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity
Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: What addresses to put on my NEW black list?, Ryan Cummings
Next by Date:  RE: Why Easy To Use Software Is Putting You At Risk, Craig Wright
Previous by Thread:  RE: Down with DHCP!!!!, Michael J. Benedetto
Next by Thread:  RE: Down with DHCP!!!!, Bergert, David
Indexes:  [Date] [Thread] [Top] [All Lists]