Deny DHCP Address by MAC?
Simon Hobson
dhcp1 at thehobsons.co.uk
Sat Jul 17 07:14:24 UTC 2010
Tim Evans wrote:
>A .EDU with insecure offices, network outlets, and labs, is trying
>to track down a rogue DHCP client on their network that also happens
>to be infected with conficker.
...
>They know the rogue machine's MAC address, of course. Can they deny
>it a DHCP address based only on the MAC? How? Thanks.
What sort of switches do you have ? In situations like this, smart
(or semi-smart) switches are your friend as you can query the MAC
tables and find out the physical port the device is connected to.
Even if it doesn't have a search facility in the Web GUI, then you
can usually use SNMP to walk the data.
snmpwalk is a useful command. Even more so if you have the MIB for
the device so it can tell you human-readable node names instead of
arbitrary numbers.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
More information about the dhcp-users
mailing list