[Snort-users] Secure - NSLOOKUP

A.L.Lambert alambert at ...387...
Mon Jan 22 11:17:49 EST 2001


> Joey,
> 
> You could ofcourse give everyone a static IP adres. This gives some
> extra security because strange nics don's come on your network, and
> when you check your logs you can be rather sure that all the IP's
> still belong to the same users.

	Or the same idea with a different twist; if you're using dhcpd
under a *NIX of some flavor, you can strip the info from your dhcpd.leases
file and generate a a static IP table in your dhcpd.conf file based on
what everyone's MAC address/current IP is.  Then leave a range of an
appropriate number of dynamicly assigned IP's if you've got people who
need to have truly dynamic IP's (laptop users and whatnot).  That would
give you the benefit of DHCP (centrally controlable network configurations
for all your users), and also give you get the benefit of everyone having
static IP's.  If you're using NT's dhcp server, I dunno how you would go
about this, but I would expect it could be done there as well.  Cheers!

	--A.L.Lambert







More information about the Snort-users mailing list