Jump to content

N1K

Patron
  • Posts

    1,225
  • Joined

  • Last visited

  • Donations

    0.00 USD 
  • Country

    Croatia

Everything posted by N1K

  1. What have you installed for Windows customization?
  2. If MAC filtering isn't good enough, you're looking at 802.1x and a RADIUS server if you want additional security (802.1x will basically only allow EAPOL packets from a machine before it auths against the RADIUS server). Thx Cluberti, RADIUS is one of the options, but we'll see about that.
  3. Actually, we never had any security issues with our network, but recently we had a revision where we got requests to upgrade security in our company. One of that security issues concern DHCP server. We need to have at least 10-20 DHCP free leases at each location, depends on the size of location, and there's nothing much you can do with DHCP regarding its security since DHCP server security is often one of the most overlooked areas of network security. One reason for this might be the simplicity of how DHCP works: DHCP clients broadcast discovery messages (DHCPDISCOVER) containing their MAC addresses and DHCP servers respond by offering (DHCPOFFER) to lease an IP address and other TCP/IP settings that the client can use to communicate on the network. The client responds (DHCPREQUEST) to the first lease offer it receives and the server acknowledges (DHCPACK) the request and marks the address as leased in its DHCP database. That's all there is to it—who needs to worry about security? Seems that only thing we can do is to secure door locks and prevent any unauthorized physical access to our network resources.
  4. Yes, I'll have to upgrade as fast as I can.. As for the DHCP, our situation is clumsy since we have so many locations. I'm afraid there's not much we can do regarding DHCP issue.
  5. We have static IP's for PC desktops but have to use DHCP for laptops since we have a lot of people travelling to other locations of our company. For example: Mark is working at location A44300xx of our company and that's where he spends most of his working hours. At that location he gets reserved IP from DHCP (MAC Address). That IP is bounded with MAC address and a name of that laptop. Ex. Name of the laptop: A44300AB where 300 represent location subnet and AB is hex from dec IP (171). MAC would be xxxxx44300AB. So I make a reservation for that laptop by his MAC Address and he'll always get that IP on his "mother" location. When he goes to any other location, for instance A44500xx and connects his laptop to the network, he'll get a non-reserved IP address from local DHCP on that location. These range will be from 180 to 199 (last octet), since he has no reservation there. That's the way we worked so far and it was doin' very good, but we have to enforce our security in various fields including DHCP leases. Anyway thank you for your reply.
  6. Hey guys, I have a question. Does any of you know how can I protect my network from unauthorized DHCP address leases. Here's a quick info about the network and situation. 1000< PC's with static IP addresses. 150< Laptops with DHCP addresses (mostly reserved IP's by MAC address) I would like to know is there a way to protect my network by DHCP not aquiring IP's to unathorized laptops/PC's. For instance, current situation is that DHCP provides IP's to anyone that connects to our network, and besides that he/she won't be able to access any of our network or domain resources, I'd like to prevent DHCP server leases for those laptops. I know I can protect this with setting port security on the switch, but I'd like to know if this is possible in any other way? Thx
  7. I want to guess this is sarcasm, is it? You're right mate
  8. Welcome to the board John
  9. Harry Potter - What or who the f.. is that?
  10. N1K

    hi2all

    Welcome to the forum
  11. Welcome to the board mate.
  12. Well, it's time to get myself a new machine 'cause the rig I have now won't work with this graphics
  13. Wait until November when UT3 will be released
  14. I could use this links, thx a lot guys!
  15. Welcome to the board bud!
  16. Event ID 4226 Patcher Download LINK Notice: You should be a Windows Server license holder or this action is considered as illegal!!
×
×
  • Create New...