Hi! this just a things/tipps..
the problem: Everybody met stituation when somebody plug he's home notebook on the corporate network, and he running filesharing, virus. by mistake! i mean they not hackers, or bad guys. I know lots of managed switch support 802.1X and other authentications larger companies probably use these, but SOHO companies doesnt have such devices, and not easy deploy/managed 802.1x network. I found netreg, and we use for few months: http://netreg.sourceforge.net/ yes its similar to endian hotspot, i dont know endian hotspot why not available in community edition. (probably because of money) Netreg not equal endianhotspot, but i think if anybody wants dhcp "quarantine" for free, he can do. netreg shortly: -two dhcp pool: one for allow unknown clients(different ip, different dns, gw, low lease time) and one for registered computers(based on file that stores mac address liked fixed leases) -DNS server(which use unkown clients) resolve all domain to one ip where httpd running. -Unkown clients see a webpage where information and optional register themself to dhcp server. -after register computer received new IP(because of low lease time client frequently renew address) -the webpage add values to dhcp lease file -shell script reload dhcpd if lease file changed -netreg has a admin webpage(perl based) where can delete and register clients, and see who unregistered. we use endian community for testing only yet, but probably we changed some firewall system to endian(free). i isntall netreg only on debian systems, but i will try to hack into endian. if you configure similar service, plz comment.. and ofcourse if you have question, send email me other docs: https://www2.sans.org/reading_room/whitepapers/authentication/1591.php Zola ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
