DHCP

  • Thread starter Thread starter Sgriff
  • Start date Start date
S

Sgriff

Hi,
how would I stop DHCP issuing to machines not on our Domain?

At present *anyone* can plug a PC into our LAN and get an IP and therefore
gets on our LAN.

We want to stop this happening.. any ideas?


Thanks in advance!!

Steve
 
This is more of a network security issue than a dhcp security fix.

Check out your switches and see if port security is available. I know our
cisco and 3com's support this.

Once you enable port security on a switch you could then allow only one
mac address to go through the port (the first one that registers should
be it).
If someone disconnects a "good" computer from the network and plugs in
another the port would shut down and not allow any traffic through.

You should also take the time and find all ports that are not being used
and disable them.
 
Back
Top