The PacketFence project has DHCP-based fingerprinting and can take action to remove devices from the network based on operating system. The fingerprint config file is here and should give you an idea as to how granular you can get:
http://www.packetfence.org/dhcp_fingerprints.conf I believe it wouldn't be too hard to integrate into the Aruba controller via the PF's existing SNMP framework, but I'm not positive... Dave Emerson Parker wrote: > Has anyone figured out a way to block iPhones? Not that I think that is > a good idea but I seem to get this request more and more frequently and > I cant seem to find anything unique. > > Some ideas I have thought about: > > Blocking mDNS (probably a good idea anyway) > Blocking bonjour > > Blocking OUIs > > APPLE's OUI's > 00:03:93:xx:xx:xx > 00:05:02:xx:xx:xx > 00:0A:27:xx:xx:xx > 00:0A:95:xx:xx:xx > 00:0D:93:xx:xx:xx > 00:11:24:xx:xx:xx > 00:14:51:xx:xx:xx > 00:16:CB:xx:xx:xx > 00:17:F2:xx:xx:xx > 00:19:E3:xx:xx:xx > 00:1B:63:xx:xx:xx > 00:30:65:xx:xx:xx > 00:50:E4:xx:xx:xx > 00:A0:40:xx:xx:xx > 08:00:07:xx:xx:xx > > None of these will work well because they can cause other problems for > other users when blocked. MACs and PCs can use bonjour, I don't think > the iphone uses a specific range of OUIs, etc. > > I haven't sniffed the iphone DHCP request but I was hoping maybe they > use option 43 or something to uniquely identify themselves which can get > a blocked ip address or something. > > Anyone have any ideas? > > Thanks, > > Emerson > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. -- David LaPorte, CISSP, CCNP Security Manager, Network and Server Systems Harvard University Information Systems ----------------------------------------------- Email: [email protected] PGP: 0x4DC3E508 4A1F058DB2B32FEF10A14F6BD370A6AD4DC3E508 ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
