Solved

Unknown node(s) showing up in DHCP scope

Posted on 2003-12-02
4
310 Views
Last Modified: 2010-03-19
First off all clients have statically assigned IPs, there is a very small
DHCP scope available for setting up new computers/printers (6 address).
However recently 2-3 addresses in this range have been used on a
consistent basis (however, not consistent enough to always catch them
being active). This is a medium environment (about 500-1000 computers,
and a large number of printers as well as a few servers) thus tracking
them down by walking to each client and checking IPs would be a rather
large task. I have been able to grab their MAC addresses using arp. The
server is running windows 2000 server clients are a mix of win95/98,
win2k, winXP, mac 7-9, mac os x, linux, unix. I know that it is not any
of the servers and a pretty good feeling that it is not any of them
printers, what i suspect is going on is someone is bringing in their
home laptop and connecting to an active port. Only the IT people know of
the DHCP aspect of the environment.
What I am looking to do is to block those MAC addresses from using the
DHCP scope or from accessing the network as a whole. Then once the users
complain that the "internet is broken" we will be able to take appropriate
measures.
Main reason this is such a big deal is that we are billed from network
usage and the unknown MAC addresses are causing a rather large amount of
traffic when they are on.
So any help would be great!
Thanks
0
Comment
Question by:x40ozbaby
4 Comments
 
LVL 16

Expert Comment

by:JammyPak
ID: 9867987
the problem is that DHCP can reserve addresses for MACs, but I don't know of a way to prevent certain MACs from getting an address.
0
 
LVL 1

Author Comment

by:x40ozbaby
ID: 9988558
ended up using the cisco router to filter MAC addesses
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 10000029
PAQed, with points refunded (275)

Computer101
E-E Admin
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now