[ale] DHCP server and linux and exclusion of MAC addresses

jj at spiderentertainment.com jj at spiderentertainment.com
Wed Nov 17 13:23:41 EST 1999


"Michael H. Warfield" wrote:

> On Tue, Nov 16, 1999 at 07:11:05AM -0800, cfowler at aimgroup.com wrote:
> > I have a machine that is DHCP'ing off my RH 6.0 machine.  I do not want it to do
> > that because it does not belong to our company but is on our switch.  These are
> > Intel 550/510 switches.  Level 3.  Maybe I can prevent it by assigning a VLAN to
> > his port.  Or I could exclude his MAC in the dhcpd.conf file.  Any help would be
> > greatly appreciated.
>
>         If you really want to be nasty (and I would) grab his MAC address
> out of the dhcp leases file and assign him a static address out in lala
> land somewhere (like 10.255.255.254) and give him 127.0.0.1 as his default
> gateway.  If it's a Windblows box, make sure his Netbios nameserver is
> also assigned to 127.0.0.1.  Then it's up to him to figure out why he's
> broken and how to fix it.

Heh, that's funny, but if he/she figured out how to DHCP off his server ..... they
might figure out quite quickly.

Make sure you look at the IRDP, I have source code somewhere for this... but if it is
a m$, you can change their default routes, add routes, etc.. let me know if ya want the
source code.


>         My real solution would be a firewall - FAST!  Do it with proxy-arp
> or with bridging and you can drop it in right in the path from the switch
> and isolate anything you want.

This is a serious risk. From what Michael describes, it sounds more like a colo. In
regards he might not do too much damage, but he can run webservers and stuff on
Michael's bill. More tho, another switch and a router will be sufficient, firewall is
an option (unless you got the money it can be slow when high volume hits), but the
real solution is separate switches and a router.

Michael ..... Just address this issue asap. I experience a lot of attacks and I hate
when my beeper goes off at 4am ... 30 min after I went to REM sleep.

Marek
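
Added example, not part of the original messages: the thread mentions pulling the client's MAC out of the dhcp leases file and excluding it in dhcpd.conf. This sketch reads ISC dhcpd.leases text, takes the most recent lease for an address, and emits a host declaration using dhcpd's `deny booting;` statement. The sample leases, addresses, MACs and the `unwanted-client` label are constructed for illustration.

```python
import re

# Constructed sample in ISC dhcpd.leases format (addresses and MACs are made up).
SAMPLE_LEASES = '''\
lease 192.168.1.50 {
  starts 2 1999/11/16 12:00:00;
  ends 2 1999/11/16 18:00:00;
  hardware ethernet 00:a0:c9:11:22:33;
}
lease 192.168.1.51 {
  starts 2 1999/11/16 12:05:00;
  ends 2 1999/11/16 18:05:00;
  hardware ethernet 00:90:27:aa:bb:cc;
}
lease 192.168.1.50 {
  starts 3 1999/11/17 09:00:00;
  ends 3 1999/11/17 15:00:00;
  hardware ethernet 00:A0:C9:44:55:66;
}
'''

LEASE_RE = re.compile(r'^lease\s+(\S+)\s*\{(.*?)^\}', re.S | re.M)
MAC_RE = re.compile(r'hardware\s+ethernet\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s*;', re.I)

def mac_for_ip(leases_text, ip):
    """Return the MAC of the most recent lease for ip, or None.

    dhcpd appends to the leases file, so the last entry for an address wins.
    """
    mac = None
    for lease_ip, body in LEASE_RE.findall(leases_text):
        if lease_ip == ip:
            m = MAC_RE.search(body)
            mac = m.group(1).lower() if m else None
    return mac

def deny_stanza(label, mac):
    """Build a dhcpd.conf host declaration that stops dhcpd answering this MAC."""
    if not re.fullmatch(r'[A-Za-z0-9-]+', label):
        raise ValueError("label must be a plain host name")
    return "host %s {\n  hardware ethernet %s;\n  deny booting;\n}\n" % (label, mac)

if __name__ == "__main__":
    print(deny_stanza("unwanted-client", mac_for_ip(SAMPLE_LEASES, "192.168.1.50")))
```

`deny booting;` only stops dhcpd from answering that hardware address; a machine configured with a static address or a different MAC is unaffected, which is why the thread points to isolation at the switch or router.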





