[Fedora] Re: DHCP security
Ashley M. Kirchner
ashley at pcraft.com
Wed Oct 10 01:52:16 UTC 2007
Mike C wrote:
> You can usually arrange to restrict machine that connect to only those with
> specified MAC address on the connecting interface - whilst this can be worked
> around by someone clever they would need to spoof the known MAC address of one
> of the machine in your list - but it is safer than not having a restriction to
> only known MAC addresse
The DHCP server is configured to only service known MAC addresses,
however this won't stop an unknown MAC from getting onto the network
with an available IP already configured. DHCP server won't know about
it and thus won't do anything about it. So to me, this is something
beyond what the DHCP server itself can do (or should do). That's what
I'm looking for, some way to block everything else that may pop up, that
did not use the DHCP server to get an IP to begin with.
More information about the fedora-list
mailing list