[K12OSN] deny IP based on MAC address....how?

Doug Simpson simpsond at leopards.k12.ar.us
Mon Oct 4 14:10:47 UTC 2004


Will not the DHCP leases file give the name of the computer?  Aren't your 
computers named by location?

Every computer on my network (winders ones,anyway) have a name that is 
unique and location-based.

Example:

pr15rc3 is a sample name.  That tells me it is in the Primary Building, 
Room 15 and it is the third Reading Counts! (students) computer.

hs11t means High School Room 11, Teacher's station.

The /var/lib/dhcp/dhcpd.leases file gives the computer name, MAC address 
and IP assignment.

Then you will know where that computer is.

I learned this by the same problem.  Name the computers by location and 
you can find troubled ones more easily using DHCP.  Also, if you run 
Samba, you can take that information and look at status and see who is 
actually using that computer (who is logged in on it), so that if it is 
and XP, you knwo who's profile to look in for virus-related files.

Doug Simpson
Technology Specialist
DeQueen Public Schools
DeQueen, AR 71832
simpsond at leopards.k12.ar.us
Tux for President!

On Sun, 3 Oct 2004, David Trask wrote:

> Hi all,
> 
> I have a situation....I have an IP address that I believe is infected with
> a worm that putting significant traffic on my network.  The IP address is
> internal and I don't for the life of me know where it is.  I've tried
> everything to find it.  I know the MAC address from the logs on my DHCP
> server....what I'd like to do is prevent that MAC address from even
> getting an IP address.   Is this possible?  I'm using an FC 1 server as my
> DHCP server (that's all that particular server does...just DHCP).  I have
> no desire to populate my entire dhcpd.conf file with all the MAC addresses
> in my building....there's too many.  What I simply want to do is deny
> giving an IP address to a particular machine (whose MAC address I
> know)....and/or deny access to my network (from inside) to that IP
> address.  (I've statically assigned that IP to that MAC in my dhcpd.conf
> so I can at least track it, but now I need to shut it down)  Any ideas?
> 
> David N. Trask
> Technology Teacher/Coordinator
> Vassalboro Community School
> dtrask at vcs.u52.k12.me.us
> (207)923-3100
> 
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
> 




More information about the K12OSN mailing list