[windows2000] Re: DHCP questions

  • From: "Sorin Srbu" <sorin@xxxxxxxxxxxxx>
  • To: "windows2000@xxxxxxxxxxxxx" <windows2000@xxxxxxxxxxxxx>
  • Date: Tue, 20 Aug 2002 15:14:09 +0200

On Tue, 20 Aug 2002 08:57:02 -0400, slymax wrote:

>What about introducing unauthorized clients onto the network that could
>receive an address?  Anything to stop this from happening?

Can they still receive an IP even though they're not members of the
domain?



>-----Original Message-----
>From: windows2000-bounce@xxxxxxxxxxxxx
>[mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Daniel Angelucci
>Sent: Tuesday, August 20, 2002 8:39 AM
>To: windows2000@xxxxxxxxxxxxx
>Subject: [windows2000] Re: DHCP questions
>
>
>
>There are some issues with rogue DHCP servers on a network.  Someone can
>really do some damage with those.  Let's say I set up a DHCP server in
>the same subnet as a group of client computers.  Since my DHCP server is
>closest, the clients will receive addresses from it.  As a result, I can
>pass WINS or DNS information which will point clients to trojan
>websites, etc. etc. etc.
>
>Interestingly, M$ has a solution for this.  Windows 2000 clients in an AD
>domain with a Windows 2000 DHCP server REQUIRE that the server be
>registered with AD.  If it is not, the clients will not accept the
>address.  So in the above scenario, my Win 2K clients will reject the
>address and eventually receive one from the legitimate server.
>
>Score one for Microsoft.
>
>Dan
>
>
>>From: "Sorin Srbu" <sorin@xxxxxxxxxxxxx>
>>Reply-To: windows2000@xxxxxxxxxxxxx
>>To: "Windows2000 Mailing List" <Windows2000@xxxxxxxxxxxxx>
>>Subject: [windows2000] DHCP questions
>>Date: Tue, 20 Aug 2002 10:34:54 +0200
>>
>>
>>Hi all,
>>
>>I recently brought up the topic on implementing dhcp for our 
>>windows-boxes on the dept with the other sysadmin/unix, and his 
>>spontaneous comment is below:
>>
>>"I still don't like the idea because I don't think it's needed (how 
>>often does one really need to change IP-settings?) and
>>because I don't like the security hole it opens for IP-spoofing.
>>Maybe the switched-hubs protect us from the security concerns ..."
>>
>>Can you guys add something to this? Are his opinions at all valid?


BW,

               Sorin

# Sorin Srbu, Systems Engineer          Email: sorin.srbu@xxxxxxxxxxxxx
# Department of Medical Chemistry,              Web: http://www.farmaci.uu.se
# Division of Organic Pharmaceutical Chemistry, Phone: +46-18-471-4482 >> 5 signals >> GSM
# BMC, Box 574, Uppsala University              Cell Phone: +46-701-718023
# SE-751 23 Uppsala, Sweden             Fax: +46-18-471-4474
#                                       Visit: BMC, Husargatan 3, D5:512b
#
# Public PGP key available on request.
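
The rogue DHCP server scenario raised in this thread, seen from the monitoring side, as an added example that is not part of the original posts: a Python check that parses a DHCP offer and flags a server identifier or DNS/WINS servers outside an allowlist. The addresses, the allowlist names and the `build_offer` sample packet are constructed assumptions.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
# Assumed site policy (constructed values): the only DHCP server and the
# only DNS/WINS servers that clients on this subnet should be offered.
AUTHORIZED_SERVERS = {"192.0.2.10"}
AUTHORIZED_RESOLVERS = {"192.0.2.53", "192.0.2.54"}

def parse_options(payload):
    """Return {option_code: bytes} from a DHCP message (the UDP payload)."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # pad option: no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        opts[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    return opts

def ip_list(data):
    """Split an option value into dotted-quad IPv4 strings."""
    return [str(ipaddress.IPv4Address(data[j:j + 4])) for j in range(0, len(data) - 3, 4)]

def check_offer(payload):
    """Return findings for one DHCPOFFER/DHCPACK; an empty list means clean."""
    opts = parse_options(payload)
    if opts.get(53) not in (b"\x02", b"\x05"):      # 2 = OFFER, 5 = ACK
        return []
    server = (ip_list(opts.get(54, b"")) or ["unknown"])[0]   # option 54 = server identifier
    findings = [] if server in AUTHORIZED_SERVERS else [f"unauthorized DHCP server {server}"]
    for code, label in ((6, "DNS"), (44, "WINS")):  # options 6 and 44
        findings += [f"unexpected {label} server {a}" for a in ip_list(opts.get(code, b""))
                     if a not in AUTHORIZED_RESOLVERS]
    return findings

def build_offer(server, dns, wins):
    """Build a constructed DHCPOFFER for the demo (not captured traffic)."""
    ip = lambda a: ipaddress.IPv4Address(a).packed
    opt = lambda code, data: bytes([code, len(data)]) + data
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                         ip("0.0.0.0"), ip("192.0.2.100"), ip(server), ip("0.0.0.0"),
                         bytes.fromhex("02004c4f4f50"), b"", b"")
    return (header + MAGIC_COOKIE + opt(53, b"\x02") + opt(54, ip(server))
            + opt(6, ip(dns)) + opt(44, ip(wins)) + b"\xff")
```

In practice `check_offer` would be fed the UDP payload of packets captured on port 68 of a monitoring host.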



