[ previous ] [ next ] [ threads ]
 
 From:  Vince Van De Coevering <vpv at figaros dot com>
 Cc:  "'m0n0wall at lists dot m0n0 dot ch'" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] dhcp\partition
 Date:  Mon, 12 Sep 2005 17:01:40 -0700
> 
> Since nobody seems to have an answer, I'll take a stab.  Sounds like a
> bug in isc-dhcpd, or at least that seems like a reasonable guess.  :) 
> I'd upgrade to 1.2b10 for the newer dhcpd and see if that doesn't
> resolve it.  Or, if you want a very well tested and known reliable and
> solid version, go for 1.2b9 (most of us think it's just as if not more
> stable than 1.1).  I wouldn't hesitate to use b10 though.
> 

For security purposes I run my DHCP on a server (not the firewall) and each
of the connecting PCs is set up in a table based on its MAC address.
Computers whose MAC addresses are not listed get an IP address in a block
with rules that block all inward and outward bound network traffic.  I also
get an e-mail notifying me of the connection of a non-defined device.  Sure
it makes new PC setup somewhat of a pain but it goes a long way to prevent
rogue computers on my network. 

Vince Van De Coevering
IT Manager
Figaro's Italian Pizza, Inc.
503-371-9318 x216
vpv at figaros dot com