DHCP security

Protecting your Linux box

DHCP security

Postby mudasir » Wed May 30, 2007 10:54 pm

I have setup a DHCP Server on RHEL 4, now i have a list of MAC Addresses in a fie located at "/Firewall/macs/all.macs", now what i want to do is that, my DHCP server should assign IP's dynamically to only these MAC addresses present in this file. How is this possible.

What IPTABLES rules do i have to make in order to overcome this porblem.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Re:

Postby LinuxFreaK » Thu May 31, 2007 7:41 am

Dear mudasir,
Salam,

Iptables have nothing to do with DHCP.

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby mudasir » Thu May 31, 2007 11:18 am

salam,

So farrukh bhai what i have to do to complete the task i want to do.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Re:

Postby LinuxFreaK » Fri Jun 01, 2007 9:12 am

Dear mudasir,
Salam,

FYI, http://www.yolinux.com/TUTORIALS/DHCP-Server.html

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby mudasir » Fri Jun 01, 2007 9:24 pm

Salam,

Farrukh bhai i think you did not got the point. I am saying that only few MAC addresses sohould get IP's from my DHCP server, and those IP's have to be dynamically given those MAC addresses.

This is what i am trying to say.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Postby lambda » Fri Jun 01, 2007 11:23 pm

and his point is you can achieve your aims if you simply configure your dhcp server correctly. you can give your dhcp server the arp addresses, and tell it to ignore unknown clients. you'll need to place the addresses in the dhcpd.conf file. you can even write a script that takes the addresses out of that file and dynamically generates a dhcpd.conf.

i'll be willing to help you out for a fee.
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Lambda is Right

Postby syedbilalmasaud » Wed Jul 25, 2007 3:00 pm

Lambda you are right , its only way to that
make sample DHCP conf file script and pass the dynamic values in to it like include file in for loop operation when you run the dhcpd script it will automatically add the macs from file that you have made and reload the service , if you need help on this you can contact me
Cheers :)

:D B I L A L :D
syedbilalmasaud
Naib Subedar
 
Posts: 347
Joined: Thu Aug 18, 2005 9:25 am
WLM: bm1984@hotmail.com
Yahoo Messenger: syedbilalmasaud@yahoo.com
Location: Attock

Postby lambda » Wed Jul 25, 2007 3:56 pm

you mean, like this?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore


Return to “%s” Security

Who is online

Users browsing this forum: No registered users and 2 guests

cron