+ Post New Thread
Results 1 to 11 of 11
Windows Thread, Ipods in DHCP in Technical; Not sure if this is the right forum for this q. Anyone know a method to stop students and staff ...
  1. #1
    dalsoth's Avatar
    Join Date
    Sep 2008
    Location
    Cambridgeshire
    Posts
    547
    Thank Post
    190
    Thanked 108 Times in 80 Posts
    Rep Power
    47

    Question Ipods in DHCP

    Not sure if this is the right forum for this q. Anyone know a method to stop students and staff connecting Ipods to the school system? I checked through DHCP addresses today and there were perhaps 30+ Ipod devices with IP addresses and now i am starting to see students personal netbooks appear too along with other mobile phone devices.

    I will not be able to force staff to stop students doing this as the staff are a joke and do not monitor kids in rooms or the library or the post16 area. I know of Packetfence but have never used it. Is this the only solution that is cost free? If so, do i need to add every mac address into Packetfence or are there other ways to get it to block rogue devices? Is packetfence a pain to set up and configure? I do not wish to go static IP so that is not an option with my workload and staff numbers.

    Any advice is appreciated. Thanks.

  2. #2

    nephilim's Avatar
    Join Date
    Nov 2008
    Location
    Dunstable
    Posts
    12,262
    Thank Post
    1,670
    Thanked 2,015 Times in 1,464 Posts
    Blog Entries
    2
    Rep Power
    451
    switch everyone to static IP addresses, and change your WEP key. If people know it then there is a problem.

  3. #3

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,134
    Thank Post
    522
    Thanked 2,542 Times in 1,976 Posts
    Blog Entries
    24
    Rep Power
    876
    Security through obscurity will not work (eg. static IP addresses).

    802.1X looks like it would be your friend here. Or at least some form of Mac based filtering (which isn't 100% secure though).

    As these are iPods, i'm guessing they are wirelessly connecting - what wireless system do you have?

  4. #4
    dalsoth's Avatar
    Join Date
    Sep 2008
    Location
    Cambridgeshire
    Posts
    547
    Thank Post
    190
    Thanked 108 Times in 80 Posts
    Rep Power
    47
    We have a Trapeze Radius set up and we do not have a default gateway published through DHCP either. Students are not even given a guest pass for the wireless as i do not want them connecting to our system with any non school device.

    We have an ISA that only accepts http through our proxy servers. I doubt they are actually getting on the internet with them but perhaps they are plugging them into computers which is pulling a DHCP address from the server. I do not want loads of Ipods stealing my leases even though they will expire. It is annoying really more than an actual problem.

    As i said in the original post. I do not want to go static ip, was wondering if there were another solution. I will obviously look at Packetfence but at this rate i will end up with a hundred servers doing different things and no time to update and manage them all.

    Thanks for the replies.

  5. #5

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,582
    Thank Post
    724
    Thanked 1,684 Times in 1,499 Posts
    Rep Power
    432

  6. 2 Thanks to plexer:

    dalsoth (22nd October 2009), Rawdon (17th March 2010)

  7. #6
    Iain's Avatar
    Join Date
    Oct 2006
    Location
    Warwickshire
    Posts
    190
    Thank Post
    28
    Thanked 94 Times in 54 Posts
    Rep Power
    32
    There are a couple of options mentioned in this thread too: http://www.edugeek.net/forums/securi...ng-network.htm

  8. Thanks to Iain from:

    dalsoth (22nd October 2009)

  9. #7

    Join Date
    Jul 2006
    Location
    London
    Posts
    2,962
    Thank Post
    160
    Thanked 152 Times in 116 Posts
    Rep Power
    49
    We're getting this too - we have Aruba wireless, no-one can connect without being a member of a specified domain security group and having a certificate installed on the PC....except that is, for ipods and macs, the cert seems to auto install for them when they try and connect, and they can then get internet access. Really annoying

  10. #8
    dalsoth's Avatar
    Join Date
    Sep 2008
    Location
    Cambridgeshire
    Posts
    547
    Thank Post
    190
    Thanked 108 Times in 80 Posts
    Rep Power
    47
    Have tried that DLL thing linked above on the server to block certain macs. I do not want the hassle of adding everything to an allow list so i have just picked the macs from DHCP and added them to a deny using that dll and text file from that page. Restarted DHCP and i can see from the text log that the ones i specified are being denied. I hope this is actually working. Time will tell. Thanks for the linkys guys.

  11. #9

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,582
    Thank Post
    724
    Thanked 1,684 Times in 1,499 Posts
    Rep Power
    432
    Just use the deny setting then all you have to add is the macs of the devices you wish to deny.

    Ben

  12. Thanks to plexer from:

    dalsoth (22nd October 2009)

  13. #10
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,490
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76
    A free but not fool-proof option is to add all unused IPs to an exclusion range. This will prevent devices getting numbers from DHCP, but won't stop them if they happen to pick a valid unused one and add it manually, so it isn't perfect but it does at least stop the casual attempts.

  14. Thanks to enjay from:

    dalsoth (22nd October 2009)

  15. #11

    Join Date
    Mar 2007
    Posts
    421
    Thank Post
    14
    Thanked 16 Times in 10 Posts
    Rep Power
    19
    I got sick of this as well and spent a little time putting mac filters on our ruckus system

    A bit of work, but surprisingly less devices used the wireless than I thought. Bit of a pain keeping it up to date but you have a better idea of whats using your wireless then.

SHARE:
+ Post New Thread

Similar Threads

  1. [Fog] Without any DHCP
    By siuko in forum O/S Deployment
    Replies: 17
    Last Post: 24th October 2009, 08:05 PM
  2. dhcp
    By kevin_lane in forum Windows
    Replies: 19
    Last Post: 24th September 2008, 09:39 AM
  3. DHCP Help
    By scottyses in forum Windows
    Replies: 7
    Last Post: 7th February 2008, 03:02 PM
  4. dhcp??
    By mac_shinobi in forum Windows
    Replies: 4
    Last Post: 11th January 2008, 01:58 PM
  5. DHCP
    By kingswood in forum Wireless Networks
    Replies: 10
    Last Post: 7th September 2005, 06:29 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •