On Mon, Mar 30, 2009 at 08:31, John Hornbuckle <[email protected]> wrote: > The Auditor General's office has asked us how we prevent the introduction of > unauthorized DHCP/DNS servers on our network. > > Well, we kinda don't. > > How do you guys accomplish this? From the research I've done, there's no easy > way to do it.
Uh, the articles I sent were about detection, not prevention. Sorry. However, I believe your observation is basically correct - it's not really possible. I had one engineer (a *manager*, fer crying out loud) fire up his personal Linksys router and start ambushing innocent workstations with bad DHCP reservations on his subnet - TWICE! Aside from deploying policies that whitelist installable software and deny all others, and locking down the ports in your switches to known MAC addresses, there's not a lot you can do, aside from closing the interval between installation and detection. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
