Going out and DHCREQUEST'ing and validating may be intermittent in accuracy; you'd be best off with a SPAN port, tcpdump watching all DHCP Client and DHCP Server traffic.
DHC-Offers should match a source MAC address(es) you certify. Otherwise, ask your switching fabric to shutdown the port matching the CAM table entry with the rouge MAC address. ~BAS On Tue, 2007-07-10 at 10:45 +0100, Hari Sekhon wrote: > yes I've done this, by writing a bash script to wrap the check_dhcp > plugin and change the status code and output if more than the right > number of dhcp servers responded (also, you make sure the dhcp server > that responded is the right one using the check_dhcp plugin option.) > > -h > > Hari Sekhon > > > > Rogelio Bastardo wrote: > > Has anyone used Nagios to detect rogue DHCP severs? > > > > I've got a complicated campus environment where people do things such as > > plug in Linksys routers (the wrong way) and hand out DHCP addresses. > > > > ------------------------------------------------------------------------- > > This SF.net email is sponsored by DB2 Express > > Download DB2 Express C - the FREE version of DB2 express and take > > control of your XML. No limits. Just data. Click to get it now. > > http://sourceforge.net/powerbar/db2/ > > _______________________________________________ > > Nagios-users mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/nagios-users > > ::: Please include Nagios version, plugin version (-v) and OS when > > reporting any issue. > > ::: Messages without supporting info will risk being sent to /dev/null > > > > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Nagios-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting > any issue. > ::: Messages without supporting info will risk being sent to /dev/null > > > > > ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Nagios-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
