[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] deny IP based on MAC address....how?

Jim Hays wrote:

try looking at
man dhcpd
and serch for deny
That may have the info you want.

Quoting David Trask <dtrask vcs u52 k12 me us>:

Hi all,

I have a situation....I have an IP address that I believe is infected with
a worm that putting significant traffic on my network. The IP address is
internal and I don't for the life of me know where it is. I've tried
everything to find it. I know the MAC address from the logs on my DHCP
server....what I'd like to do is prevent that MAC address from even
getting an IP address. Is this possible? I'm using an FC 1 server as my
DHCP server (that's all that particular server does...just DHCP). I have
no desire to populate my entire dhcpd.conf file with all the MAC addresses
in my building....there's too many. What I simply want to do is deny
giving an IP address to a particular machine (whose MAC address I
know)....and/or deny access to my network (from inside) to that IP
address. (I've statically assigned that IP to that MAC in my dhcpd.conf
so I can at least track it, but now I need to shut it down) Any ideas?

You can also get a clue what the machine is named, or even perhaps who is logged onto it:
nmblookup -r -A ip_addr_you_assigned


  "Spend less!  Do more!  Go Open Source..." -- Dirigo.net
  Chris Johnson, RHCE #807000448202021

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]