Fwd: [Dnsmasq-discuss] Request for brain-storm: Rogue dhcp-servers on the lan

Rune Kock rune.kock at gmail.com
Thu Aug 21 19:14:09 BST 2008


---------- Forwarded message ----------
From: Rune Kock <rune.kock at gmail.com>
Date: Thu, Aug 21, 2008 at 18:50
Subject: Re: [Dnsmasq-discuss] Request for brain-storm: Rogue
dhcp-servers on the lan
To: Paul Chambers <bod at bod.org>


On Thu, Aug 21, 2008 at 17:42, Paul Chambers <bod at bod.org> wrote:
> I'm likely showing my ignorance here, but would you be able to track down
> the right port on a switch by using the MAC address of the
> DHCPDISCOVER response and the spanning tree protocol? (RSTP). I don't know
> of any host-based software that does such a thing, though. How complex is
> the switch topology we're talking about?

I don't really know how the spanning tree protocol works, and only
high-end switches support it anyway, so I think I like your second
suggestion better.  As for the topology, it's not quite a Gordian knot,
but not a textbook example either.  Maybe "ad hoc" is the best word.
Approx. 50 computers.

> Another possibility is to get a switch that does support SNMP (i.e.
> 'enterprise grade'). They used to be hideously expensive, but there's now
> 'mid-level' products with simple web-based UIs and SNMP support that aren't
> too bad. I'm using a Dell Powerconnect 2716 at home, for example - about
> US$320 for a 16 port gigabit ethernet switch with a pretty rich feature set.

So, you're saying that this Powerconnect 2716 is able to tell me on
which port a given MAC communicates?

I've never tried using SNMP, but could I send it an SNMP-request
"where is MAC xx:xx:yy:zz:vv", and then get a port number back?

I see that Dell has a special offer on the 2716 right now.  It's
actually very cheap.



Rune
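
Added example, not part of the original message: on a switch that implements the standard BRIDGE-MIB (RFC 4188), the forwarding table column dot1dTpFdbPort is indexed by MAC address and returns the bridge port the address was learned on, which is the lookup asked about above. The sketch assumes numeric net-snmp output (`snmpwalk -On`) of that column; the sample lines are constructed, the function names are hypothetical, and whether a particular switch model exposes this table is not established here.

```python
import re

# BRIDGE-MIB dot1dTpFdbPort: index = MAC as six decimal octets,
# value = bridge port the address was learned on.
FDB_PORT_OID = "1.3.6.1.2.1.17.4.3.1.2"

LINE_RE = re.compile(
    r"^\.?" + re.escape(FDB_PORT_OID)
    + r"\.((?:\d{1,3}\.){5}\d{1,3})\s*=\s*INTEGER:\s*(\d+)\s*$"
)

# Constructed sample of `snmpwalk -On` output for that column.
SAMPLE_WALK = """\
.1.3.6.1.2.1.17.4.3.1.2.0.17.34.51.68.85 = INTEGER: 7
.1.3.6.1.2.1.17.4.3.1.2.0.26.43.60.77.94 = INTEGER: 3
.1.3.6.1.2.1.17.4.3.1.2.2.0.94.16.32.48 = INTEGER: 0
"""

def normalize_mac(mac):
    """Accept aa:bb:.., aa-bb-.. or aabb.ccdd.eeff; return lowercase colon form."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def parse_fdb(walk_output):
    """Return {mac: bridge_port} for every well-formed line of the walk."""
    table = {}
    for line in walk_output.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip errors, timeouts and unrelated OIDs
        octets = [int(o) for o in m.group(1).split(".")]
        if any(o > 255 for o in octets):
            continue
        table[":".join(f"{o:02x}" for o in octets)] = int(m.group(2))
    return table

def port_for_mac(walk_output, mac):
    """Bridge port for `mac`, or None if unseen or the port is not learned."""
    port = parse_fdb(walk_output).get(normalize_mac(mac))
    return port if port else None  # 0 = address known, port not learned

if __name__ == "__main__":
    print(port_for_mac(SAMPLE_WALK, "00:11:22:33:44:55"))
```

The value is a bridge port number, which dot1dBasePortIfIndex (1.3.6.1.2.1.17.1.4.1.2) maps to an interface index. If the port turns out to be an uplink, the MAC sits behind the next switch and the lookup has to be repeated there.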


