*** From dhcp-server ***
> What would it take for the DHCP server to record the RAS
> servers MAC & IP address?

There's no way to get the MAC address. Recording the IP address
would be nice, but I haven't thought of a general way to do this yet.
You don't want to record the IP address for every packet, but it might
be nice to record it for packets other than just Microsoft RAS
packets.

> Many of whom know that they can bypass the DHCP server with a
> spoofed static IP address.

What does this have to do with RAS?

> While I'm on the subject, what about getting the MAC address of
> these guys spoofing IP addresses? I guess you can't get too much
> info from a ping packet.

You pretty much have to have a sniffer on the wire with the
perpetrator, or go raid the ARP cache on the router they're connected
through. I can envision an SNMP-based tool that would do this quite
effectively, actually. The thing is, once you have the MAC address,
what then? I'd suggest that if the DHCP server is pinging IP
addresses before offering them, it should just set up the ARP cache on
the router too, like Brian suggested.

WRT RAS servers, if you want to have a policy of not allowing them,
you could take the RAS server's IP address out of the router's ARP
cache the minute you received a RAS packet from it, and you can bet
that people with misconfigured or rogue RAS servers would quickly
disable RAS.

_MelloN_
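
Added example, not part of the original message: a sketch of the SNMP-based audit mentioned above, comparing a router's ARP cache with the DHCP server's active leases to find addresses in use without a matching lease. It assumes Net-SNMP text output for `ipNetToMediaPhysAddress` and ISC `dhcpd.leases` syntax; the sample data is constructed and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: walk of ipNetToMediaPhysAddress (the router's ARP cache).
ARP_WALK = """\
IP-MIB::ipNetToMediaPhysAddress.2.192.0.2.10 = STRING: 0:c:29:ab:cd:ef
IP-MIB::ipNetToMediaPhysAddress.2.192.0.2.11 = STRING: 0:50:56:1:2:3
IP-MIB::ipNetToMediaPhysAddress.2.192.0.2.12 = STRING: 8:0:27:aa:bb:cc
IP-MIB::ipNetToMediaPhysAddress.2.192.0.2.50 = STRING: 0:10:5a:44:55:66
"""
# Constructed sample: two active entries in dhcpd.leases syntax.
LEASES = """\
lease 192.0.2.10 {
  binding state active;
  hardware ethernet 00:0c:29:ab:cd:ef;
}
lease 192.0.2.11 {
  binding state active;
  hardware ethernet 00:50:56:0a:0b:0c;
}
"""
ARP_RE = re.compile(
    r"ipNetToMediaPhysAddress\.\d+\.(\d+(?:\.\d+){3}) = STRING: ([0-9a-fA-F:]+)")
LEASE_RE = re.compile(r"lease (\S+) \{(.*?)\n\}", re.S)
MAC_RE = re.compile(r"hardware ethernet ([0-9a-fA-F:]+);")
ACTIVE_RE = re.compile(r"^\s*binding state active;", re.M)

def norm_mac(mac):
    # Net-SNMP drops leading zeros ("0:c:29"); pad every octet to two digits.
    return ":".join(f"{int(octet, 16):02x}" for octet in mac.split(":"))

def parse_arp(text):
    return {ip: norm_mac(mac) for ip, mac in ARP_RE.findall(text)}

def parse_leases(text):
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        mac = MAC_RE.search(body)
        if mac and ACTIVE_RE.search(body):
            leases[ip] = norm_mac(mac.group(1))
    return leases

def audit(arp, leases, known_static=()):
    """Return (ip, mac, reason) for ARP entries the DHCP server cannot explain."""
    findings = []
    for ip in sorted(arp, key=ipaddress.ip_address):
        if ip in known_static:
            continue  # documented static hosts (routers, servers)
        if ip not in leases:
            findings.append((ip, arp[ip], "no-lease"))
        elif leases[ip] != arp[ip]:
            findings.append((ip, arp[ip], "mac-mismatch"))
    return findings
```

Each finding carries the MAC address the router actually saw for that IP, which can then be traced to a switch port.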