Results 1 to 5 of 5

Thread: MAC Address Registration

  1. #1

    MAC Address Registration

    Hello all,

    I want to set something up at work that goes a little like this.

    I have a couple trouble users who are bringing misc unauthorized machines in and just slapping them on the network. NOW what I would like to do (if possible) is setup a MAC Address registration system or something of the sort.

    In a nutshell what I want is if someone brings in ANY NIC not recognized by the system, they dont do ANYTHING on the network until they register it.

    How can I do this? Is it a hardware or software deal? Can it be done via DHCP?

    Thanx to anyone!

  2. #2
    Security Specialist greEd's Avatar
    Join Date
    May 2001

    A few quick questions, what type of network do you have setup? Do you have a domain logon server or is it peer to peer? What is the primary o/s on the network.?

    "I'm doing a (free) operating system (just a hobby, won't be big and professional...) for AT clones... It's not portable and it probably [won't ever] support anything other than AT hard disks, as thats all I have :-(." --Posted on Usenet August 1991 by Linus Trovalds
    curiosity builds security | dd if=/dev/zero of=/dev/hda bs=512 count=100

  3. #3
    Banned Syclone_A+'s Avatar
    Join Date
    Nov 2001
    need additional info!

  4. #4
    Advanced Member Stef's Avatar
    Join Date
    Apr 2000
    Edmonton, Alberta, Canada
    You can configure OpenBSD or Debian GNU/Linux as bridging firewalls.

    It can be used to keep certain subnets out of your network and to keep certain MAC address ranges out as well. It can do all this with no assigned IP address to the bridging machine

    A HOW-TO has been written for Linux, not sure where you could info for configuring OpenBSD as a bridging firewall. I do know that there has been a few good discussions on Bridge/Firewall combo machines on the Debian mailling list. Probly could find a lot of help there.


  5. #5

    dhcp limit

    why not just limit the number of computers on your dhcp settings? I am assuming you are using dhcp, since you say that people are just hooking up at random. Set a range of dhcp addresses that corresponds to the number of computers that actually reside on your network. This will not be a perfect solution, since disconnecting one computer on your network opens an available IP address which can be reassigned to the unauthorized computer when it is hooked up to the lan, but if people are just plugging in to a hub and not actually disconnecting the actual network computers, this would help.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts