Deny DHCP Address by MAC?

Adam Moffett adamlists at plexicomm.net
Fri Jul 16 20:38:21 UTC 2010


An easy way would be to assign him an IP that doesn't work.



> A .EDU with insecure offices, network outlets, and labs, is trying to 
> track down a rogue DHCP client on their network that also happens to 
> be infected with conficker.
>
> They have a completely open DHCP setup (this is the entire dhcpd.conf 
> file):
>
> ddns-update-style ad-hoc;
> authoritative;
> subnet 192.168.9.0 netmask 255.255.255.0 {
>   range 192.168.9.125 192.168.9.200;
>   option subnet-mask 255.255.255.0;
>   option broadcast-address 192.168.9.255;
>   option routers 192.168.9.1;
>   option domain-name-servers 192.168.9.4;
>   option domain-name "xxx.xxx.xxx";
> }
>
> Any connected machine can get an address from the range specified in 
> the config file. Bouncing this one's lease merely results in it 
> getting a new one.
>
> They know the rogue machine's MAC address, of course.  Can they deny 
> it a DHCP address based only on the MAC? How? Thanks.
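
The reply's suggestion, and the alternative of refusing the client outright, written as ISC dhcpd host declarations. This is an added example, not part of the original thread; the MAC address is a placeholder, and the host names and the address 192.168.9.250 (assumed to be outside the dynamic range and dropped at the router) are constructed for illustration.

```conf
# Added to dhcpd.conf at global scope, alongside the existing subnet block.
# Placeholder MAC: replace with the rogue machine's real address.

# Option A: hand the client a fixed address that "doesn't work".
# 192.168.9.250 is a constructed value: inside the subnet, outside the
# 125-200 dynamic range, and assumed to be filtered at 192.168.9.1.
host quarantined-client {
  hardware ethernet 00:00:5e:00:53:01;
  fixed-address 192.168.9.250;
}

# Option B: do not answer this client at all.
# Use instead of Option A, not together with it (same MAC).
# host blocked-client {
#   hardware ethernet 00:00:5e:00:53:01;
#   deny booting;
# }
```

Check the edited file with `dhcpd -t` before restarting the daemon. Either form only governs what this server hands out, so the switch port still has to be traced to find and clean the infected machine.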




More information about the dhcp-users mailing list