Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
DHCP - serious problem
- Thread starter jakess
- Start date
What made you think it wouldn't?
DHCP gives out address to any device that requests it. It has not idea which clients belong to your company, and which don't.
Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
DHCP gives out address to any device that requests it. It has not idea which clients belong to your company, and which don't.
Pat Richard, MCSE MCSA:Messaging CNA
Microsoft Exchange MVP
Want to know how email works? Read for yourself -
- Thread starter
- #3
- Thread starter
- #4
You can make sure that your DHCP services on your server is set to only respond to the local segment of IP addresses. Also, it is also possible that you have enabled DHCP services to come from your router itself. Be sure that router DHCP services are disabled as this is best practices with a Windows SBS.
Additionally, you should make sure that all incoming ports from the WAN side of your network are blocked except for the ports you want open. For instance, by blocking the port 67 incoming from WAN to LAN/DMZ, you will prevent the request from even reaching your LAN in the first place.
Additionally, you should make sure that all incoming ports from the WAN side of your network are blocked except for the ports you want open. For instance, by blocking the port 67 incoming from WAN to LAN/DMZ, you will prevent the request from even reaching your LAN in the first place.
TechSoEasyMVP
IS-IT--Management
To insure that you have a secure wireless configuration, you should follow the guidelines in this paper:
Jeffrey B. Kane
TechSoEasy
Blog:
Jeffrey B. Kane
TechSoEasy
Blog:
- Thread starter
- #7
Let me give you some backgroup of our setup:
Remote users connect to a WAP through a switch in their office which connect to a WAP at our main office.
The WAP @ main office is connected to our main switch.
The Netgear router is also wireless for internal use but it is protected by WEP and shared secret.
So my question: How does someone get an IP address from the SBS DHCP if all WAP's have shared secrets etc.
Remote users connect to a WAP through a switch in their office which connect to a WAP at our main office.
The WAP @ main office is connected to our main switch.
The Netgear router is also wireless for internal use but it is protected by WEP and shared secret.
So my question: How does someone get an IP address from the SBS DHCP if all WAP's have shared secrets etc.
TechSoEasyMVP
IS-IT--Management
Possibly all of your WAP's don't have shared secrets etc.
Jeffrey B. Kane
TechSoEasy
Blog:
Jeffrey B. Kane
TechSoEasy
Blog:
- Thread starter
- #9
It's possible you have some outside person intentionally accessing your network. Hiding your SSID and using WEP don't really protect your wireless network. There are many free programs that still show your SSID even if you are not "broadcasting" it. Also, someone might have seen the SSID before you hid it.
I would recommend changing the SSID again, enabling WPA instead of WEP, possibly blocking wireless access by MAC address of the NICs that should access it, and ensuring any AP or router that has WAN access is properly configured to block outside incoming traffic.
I would recommend changing the SSID again, enabling WPA instead of WEP, possibly blocking wireless access by MAC address of the NICs that should access it, and ensuring any AP or router that has WAN access is properly configured to block outside incoming traffic.
- Status
Similar threads
- Locked
- Question