Solved

Unknown node(s) showing up in DHCP scope

Posted on 2003-12-02
4
317 Views
Last Modified: 2010-03-19
First off all clients have statically assigned IPs, there is a very small
DHCP scope available for setting up new computers/printers (6 address).
However recently 2-3 addresses in this range have been used on a
consistent basis (however, not consistent enough to always catch them
being active). This is a medium environment (about 500-1000 computers,
and a large number of printers as well as a few servers) thus tracking
them down by walking to each client and checking IPs would be a rather
large task. I have been able to grab their MAC addresses using arp. The
server is running windows 2000 server clients are a mix of win95/98,
win2k, winXP, mac 7-9, mac os x, linux, unix. I know that it is not any
of the servers and a pretty good feeling that it is not any of them
printers, what i suspect is going on is someone is bringing in their
home laptop and connecting to an active port. Only the IT people know of
the DHCP aspect of the environment.
What I am looking to do is to block those MAC addresses from using the
DHCP scope or from accessing the network as a whole. Then once the users
complain that the "internet is broken" we will be able to take appropriate
measures.
Main reason this is such a big deal is that we are billed from network
usage and the unknown MAC addresses are causing a rather large amount of
traffic when they are on.
So any help would be great!
Thanks
0
Comment
Question by:x40ozbaby
4 Comments
 
LVL 16

Expert Comment

by:JammyPak
ID: 9867987
the problem is that DHCP can reserve addresses for MACs, but I don't know of a way to prevent certain MACs from getting an address.
0
 
LVL 1

Author Comment

by:x40ozbaby
ID: 9988558
ended up using the cisco router to filter MAC addesses
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 10000029
PAQed, with points refunded (275)

Computer101
E-E Admin
0

Featured Post

Save the day with this special offer from ATEN!

Save 30% on the CV211 using promo code EXPERTS30 now through April 30th. The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Increase size of DHCP scope? 16 111
Top cover replacement dell latitude d620 12 99
Understanding Security Log Events 2 69
integration of incident management and linking to CMDB 1 64
Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
Resolve DNS query failed errors for Exchange
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question