[K12OSN] deny IP based on MAC address....how?

Eric Harrison eharrison at mail.mesd.k12.or.us
Mon Oct 4 01:23:58 UTC 2004

On Sun, 3 Oct 2004, Jim Hays wrote:

>try looking at
>man dhcpd
>and serch for deny
>That may have the info you want.

The problem with denying that mac address is the client will eventually
give itself a 169.x.x.x address and continue to flood the network.
Depending on the setup, it may or may not still be a risk, but it
could still be chewing up bandwidth.

How about assigning it ;-)


	host goaway {
		hardware ethernet 01:02:03:04:05:06; # insert mac here

I've never tried this, but it at least sounds like it might work...


>Quoting David Trask <dtrask at vcs.u52.k12.me.us>:
>> Hi all,
>> I have a situation....I have an IP address that I believe is infected with
>> a worm that putting significant traffic on my network.  The IP address is
>> internal and I don't for the life of me know where it is.  I've tried
>> everything to find it.  I know the MAC address from the logs on my DHCP
>> server....what I'd like to do is prevent that MAC address from even
>> getting an IP address.   Is this possible?  I'm using an FC 1 server as my
>> DHCP server (that's all that particular server does...just DHCP).  I have
>> no desire to populate my entire dhcpd.conf file with all the MAC addresses
>> in my building....there's too many.  What I simply want to do is deny
>> giving an IP address to a particular machine (whose MAC address I
>> know)....and/or deny access to my network (from inside) to that IP
>> address.  (I've statically assigned that IP to that MAC in my dhcpd.conf
>> so I can at least track it, but now I need to shut it down)  Any ideas?
>> David N. Trask
>> Technology Teacher/Coordinator
>> Vassalboro Community School
>> dtrask at vcs.u52.k12.me.us
>> (207)923-3100

More information about the K12OSN mailing list