Users connect unauthorize laptops to my network.

  • Thread starter Thread starter Amil Fortuna
  • Start date Start date
A

Amil Fortuna

How can I find out when this event happen?
Is DHCP able to genrate an event sink?
Can DCHP create a log entry? when an IP address is assigned to a computer.

Environment: w2k domain.
Fully patched
2 DC's, 2 DHCP's 2 WINS
Thanks
 
You can view dhcp leases to see who has a computer lease but I don't know of
a way to generate an event in the security log and that would give a false
sense of security as it will not prevent unathorized users from connecting
to the network with a properly configured static IP. In a smaller network
you could also use a scope that had nothing but reservations mapping mac
addresses to IP addresses.

Better solutions depending on network configuration and budget would be to
possibly use ipsec to protect data on sensitive computers or use switches
that can filter based on mac addresses or use 802.1X authentication
switches, requiring certificate machine authentication. --- Steve

http://www.dlink.com/products/?pid=87 -- an affordable swtich with mac
filtering and 802.1X port based authentication
http://www.nwfusion.com/research/2002/0506whatisit.html -- description of
802.1X
 
Back
Top