Howard Lowndes wrote:
If you are running a DHCP server on a network and have a block of IP addresses which you make available, how can you stop a (reasonably) knowledgeable luser from explicitly grabbing an address from that block by explicitly configuring their box with that address, thus preventing that IP address from being recorded in the leases, and hence you not immediately knowing that that box has been attached to the network?
My suggestion would be to run some sort of proxy ARP setup.
If a box on your network is running a proxy ARP setup like the one with Shorewall, then when Windows users go to change their IP address, the Windows box will ARP and check to see if that address is in use. Proxyarp will accept the response and the Windows box gets confused and gives the user a "this ip is already in use" error. Nicely frustrating.
Not sure if my explanation is correct, but I have been able to duplicate this behavior with recent versions of Shorewall, kernel 2.4.27 and Windows 2000 and XP.
It's not the same as MAC-level filtering :) and it's a serious hack, but might be helpful...
dave
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
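
For the detection half of the question (a box using a pool address that never shows up in the leases), here is an added example that is not part of the original thread: it cross-checks a neighbour table against the DHCP lease file and reports pool addresses in use without a matching active lease. It assumes an ISC dhcpd-style `dhcpd.leases` file and iproute2 `ip neigh show` output; the pool range, addresses and MACs are constructed sample data.

```python
import ipaddress
import re

# Constructed sample inputs: a dhcpd.leases excerpt and `ip neigh show` output.
POOL = ("192.168.1.100", "192.168.1.150")  # assumed DHCP pool range
SAMPLE_LEASES = """
lease 192.168.1.101 {
  binding state active;
  hardware ethernet 02:00:00:00:00:01;
}
lease 192.168.1.130 {
  binding state active;
  hardware ethernet 02:00:00:00:00:03;
}
lease 192.168.1.130 {
  binding state free;
  hardware ethernet 02:00:00:00:00:03;
}
"""
SAMPLE_NEIGH = """\
192.168.1.10 dev eth0 lladdr 02:00:00:00:00:aa REACHABLE
192.168.1.101 dev eth0 lladdr 02:00:00:00:00:01 REACHABLE
192.168.1.120 dev eth0 lladdr 02:00:00:00:00:02 STALE
192.168.1.130 dev eth0 lladdr 02:00:00:00:00:03 REACHABLE
192.168.1.140 dev eth0 FAILED
"""

def active_leases(text):
    """IP -> MAC for leases whose most recent entry is 'binding state active'."""
    leases = {}
    for ip, body in re.findall(r"lease\s+(\S+)\s*\{(.*?)\}", text, re.S):
        state = re.search(r"^\s*binding state (\w+);", body, re.M)
        mac = re.search(r"hardware ethernet ([0-9a-fA-F:]+);", body)
        leases.pop(ip, None)  # the file is a log: a later entry replaces an earlier one
        if state and state.group(1) == "active" and mac:
            leases[ip] = mac.group(1).lower()
    return leases

def unleased_hosts(leases_text, neigh_text, pool_start, pool_end):
    """Neighbours inside the DHCP pool that hold no matching active lease."""
    lo, hi = ipaddress.IPv4Address(pool_start), ipaddress.IPv4Address(pool_end)
    leases, findings = active_leases(leases_text), []
    for ip, mac in re.findall(r"^(\d+\.\d+\.\d+\.\d+) dev \S+ lladdr (\S+)", neigh_text, re.M):
        if lo <= ipaddress.IPv4Address(ip) <= hi and leases.get(ip) != mac.lower():
            findings.append((ip, mac.lower(), leases.get(ip)))  # None = no active lease
    return findings

if __name__ == "__main__":
    for ip, mac, holder in unleased_hosts(SAMPLE_LEASES, SAMPLE_NEIGH, *POOL):
        print(ip, mac, "leased to " + holder if holder else "no active lease")
```

The neighbour table only lists hosts the monitoring box has recently exchanged traffic with, so run it on the gateway or another machine that most hosts talk to.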
