[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] deny IP based on MAC address....how?



On Sun, 3 Oct 2004, Jim Hays wrote:

>
>try looking at
>
>man dhcpd
>
>and serch for deny
>
>That may have the info you want.

The problem with denying that mac address is the client will eventually
give itself a 169.x.x.x address and continue to flood the network.
Depending on the setup, it may or may not still be a risk, but it
could still be chewing up bandwidth.

How about assigning it 127.0.0.1? ;-)

/etc/dhcpd.conf:

	host goaway {
		hardware ethernet 01:02:03:04:05:06; # insert mac here
		fixed-address     127.0.0.1;
    }

I've never tried this, but it at least sounds like it might work...

-Eric

>
>Quoting David Trask <dtrask vcs u52 k12 me us>:
>
>> Hi all,
>> 
>> I have a situation....I have an IP address that I believe is infected with
>> a worm that putting significant traffic on my network.  The IP address is
>> internal and I don't for the life of me know where it is.  I've tried
>> everything to find it.  I know the MAC address from the logs on my DHCP
>> server....what I'd like to do is prevent that MAC address from even
>> getting an IP address.   Is this possible?  I'm using an FC 1 server as my
>> DHCP server (that's all that particular server does...just DHCP).  I have
>> no desire to populate my entire dhcpd.conf file with all the MAC addresses
>> in my building....there's too many.  What I simply want to do is deny
>> giving an IP address to a particular machine (whose MAC address I
>> know)....and/or deny access to my network (from inside) to that IP
>> address.  (I've statically assigned that IP to that MAC in my dhcpd.conf
>> so I can at least track it, but now I need to shut it down)  Any ideas?
>> 
>> David N. Trask
>> Technology Teacher/Coordinator
>> Vassalboro Community School
>> dtrask vcs u52 k12 me us
>> (207)923-3100
>> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]