DHCP

We have auditors that come in from time to time and just plug their laptops
into an open network socket. Is there any way to prevent the DHCP server from
handing them an valid ip address making them not capable of being on are
network.
 
If your DHCP server is handing out bad addresses, you have a different issue.
Why would the DHCP server give 'bad' addresses? It's not supposed to.

This assumes that you meant 'invalid' and 'are' meaning 'our'.
 
It's not. What I want to do is prevent visitors to our company from simply
plugging their laptop into an open network connection and being able to
connect.
 
Hi George,

Thanks for posting!

I understand that you want to prevent a user from getting valid IP address
from DHCP. If I have misunderstood your concerns, please feel free to let
me know.

Based on my research, if you need to achieve the goal on DHCP server, you
may assign a reservation on the DHCP server. Reservations are permanent
lease assignments that are used to ensure that a specified client on a
subnet can always use the same IP address. For more information, please
refer to the following article:

Creating Reservations
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/DepKit/690d8742-3f92-4eac-ba00-8e93feaafe86.mspx

Add a client reservation
http://www.microsoft.com/windows2000/en/advanced/help/sag_DHCP_pro_AddReservation.htm

Advantages of DHCP Reservation over Static IP Assignment
http://support.microsoft.com/default.aspx?scid=kb;en-us;170062

Hope the information helps. If there is anything that is unclear, please
feel free to let me know.

Thanks & Regards,

Jason Tan

Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

=====================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.



--------------------
| From: "George Schneider"
| Subject: DHCP
| Date: Mon, 29 Aug 2005 13:54:33 -0700
| Newsgroups: microsoft.public.win2000.networking
 
You can't. The solution is to have your system designed so that it doesn't
matter if they "get an address". Your security should never depend on what
address someone gets, especially when you are using DHCP. Security should
depend on "who" the user is and what their "account" is allowed.

If you build your security on what IP# a machine has, then you cannot use
DHCP. Reservations in DHCP will cause a machine to always get the same
address, but if you did that on everything you might as well forget DHCP and
statically assign them in the first place.


--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
 
I think I wasn't clear in my earlier posts. I apologize for the confusion.
My DHCP server is working great for my network. What I want to prevent is
that when we have someone visiting such as our friendly auditors, to prevent
them from getting all of the information from the DHCP server. We have no
way of knowing if their laptops are secure or what they are doing. We do not
want them to access our network or the internet using our aulable bandwidth
for their activities. We want to prevent unauthorized users from just
plugging in.
 
Hi George,

Thanks for the reply!

We can only prevent an "unauthorized" user from getting a valid IP address
from the DHCP server using IP Reservation. However, I am afraid that we cannot
prevent an "unauthorized" user from plugging in, since DHCP works in the
broadcast domain of a subnet. Machines in the subnet can all send a DHCP
request broadcast to search for a DHCP server. Once the DHCP server finds the
request, it will give a response. Therefore, we cannot control "unauthorized"
users through the DHCP server. Based on my experience, it could be achieved by
configuration on some switch.

Thanks & Regards,

Jason Tan


--------------------
| From: "George Schneider"
| Subject: RE: DHCP
| Date: Tue, 30 Aug 2005 13:17:16 -0700
| Newsgroups: microsoft.public.win2000.networking
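
Added example, not part of the original thread: because the DHCP server answers any client on the subnet, as the reply above describes, its lease log is a place to notice an unfamiliar machine rather than to stop it. The sketch assumes the comma-separated Windows DHCP Server audit-log layout (ID, Date, Time, Description, IP Address, Host Name, MAC Address); the log lines, host names and the KNOWN_MACS inventory are constructed for illustration.

```python
import csv
import io

# Constructed sample in the assumed audit-log layout:
# ID,Date,Time,Description,IP Address,Host Name,MAC Address
SAMPLE_LOG = """\
ID,Date,Time,Description,IP Address,Host Name,MAC Address
10,08/30/05,09:02:11,Assign,192.168.10.21,ACCT-PC01.example.local,000D60AA0001
11,08/30/05,09:15:40,Renew,192.168.10.34,HR-PC07.example.local,000D60AA0002
10,08/30/05,10:47:03,Assign,192.168.10.87,AUDITOR-LT,0011253C9F10
10,08/30/05,10:52:19,Assign,192.168.10.88,,00-11-25-3c-9f-11
12,08/30/05,11:30:00,Release,192.168.10.21,ACCT-PC01.example.local,000D60AA0001
garbage line without enough fields
"""

# Hypothetical asset inventory: MACs of machines the company owns.
KNOWN_MACS = {"00:0d:60:aa:00:01", "00:0D:60:AA:00:02"}

LEASE_EVENTS = {"10", "11"}  # 10 = new lease, 11 = lease renewed


def normalize_mac(raw):
    """Return 12 uppercase hex digits, or None if the field is not a MAC."""
    digits = "".join(c for c in raw if c not in ":-. ").upper()
    if len(digits) == 12 and all(c in "0123456789ABCDEF" for c in digits):
        return digits
    return None


def unknown_leases(log_text, known_macs):
    """List lease/renew events whose MAC is not in the inventory."""
    known = {normalize_mac(m) for m in known_macs}
    seen, findings = set(), []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) < 7 or row[0].strip() not in LEASE_EVENTS:
            continue  # header, non-lease event, or malformed line
        mac = normalize_mac(row[6])
        if mac is None or mac in known or mac in seen:
            continue  # unparsable, inventoried, or already reported
        seen.add(mac)
        findings.append({"mac": mac, "ip": row[4].strip(),
                         "host": row[5].strip() or "(none)",
                         "when": f"{row[1]} {row[2]}"})
    return findings


if __name__ == "__main__":
    for f in unknown_leases(SAMPLE_LOG, KNOWN_MACS):
        print(f"{f['when']}  {f['ip']:<15} {f['mac']}  {f['host']}")
```

The MAC address is whatever the client reports, so this gives visibility only; keeping visitors off the network is a switch-port or NAP matter, as the replies in this thread say.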
 
Thanks Tanu for your information!

Thanks & Regards,

Jason Tan



--------------------
| From: "Tanu Mutreja [MSFT]"
| Subject: Re: DHCP
| Date: Wed, 31 Aug 2005 22:25:28 +0530
| Newsgroups: microsoft.public.win2000.networking
|
| You might be interested in Microsoft NAP technology.
|
| Please refer to:
|
| http://www.microsoft.com/windowsserver2003/technologies/networking/nap/default.mspx
| http://download.microsoft.com/download/8/d/9/8d9b3e54-6db7-4955-9e36-58a3f0534933/NAPIntro.doc
| http://download.microsoft.com/download/3/9/f/39ff0ca3-56d1-4d93-af46-98f92134d040/NAPArch.doc
|
| -
| Tanu Mutreja [MSFT]
| --
| Please do not send e-mail directly to this alias. This alias is for
| newsgroup purposes only.
 
Darn good thanks Phillip

--
George Hester