06-11-2006 06:27 PM - edited 03-10-2019 03:03 AM
for those dhcp enable port, what is the best way to block intruder from grabbing addresses. Is META IP safe DHCP a solution?
06-11-2006 08:50 PM
Hi Paul,
I just want to clarify your query. From your post you mention that you want to block intruders from grabbing dhcp addresses using your IPS is that correct?
06-11-2006 09:21 PM
Hi jlimbo,
I am not sure I am in the right place or not. no not the IPS. just the cisco switches. I want to prevent unauthorized people from plugging into any network point to grab DHCP addresses inorder to gain network access.
besides limiting access using mac address on the switches, is there any other solution. Is Meta IP safe DHCP a solution?
06-12-2006 04:31 PM
This question is better suited for general security rather than the IPS/IDS Forum.
To answer your question, NAC appliance sounds like a solution you may be interested in:
http://www.cisco.com/en/US/customer/products/ps6128/index.html
If you have further question please direct them to Security General Forum please.
I hope that helped.
-jonathan
06-12-2006 06:31 PM
thanks Jonathan,
I will go to the general forum.
06-15-2006 03:23 PM
Hello Paul,
Maybe filtering udp on port 67 and 68 on the interfaces connected to the hosts will help you.
As it would filter dhcp request and replies.
what kind of switch are you using?
HTH,
if it does please rate this post.
Vlad
06-15-2006 01:12 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide