Security Basics mailing list archives
Re: Blocking Access to Non-domain computers
From: "Richard Boswell" <richardboswell () nashville net>
Date: Wed, 25 Aug 2004 20:20:50 -0500
We are looking at implementing Network Quarantine Access Control for all of our workstations and laptops, yes I realize that I am attempting to utilize a Micro$oft product for a so-called security purpose, but it is built in to Windows 2003 Server, and we don't have anything else.
Richard Boswell----- Original Message ----- From: "Raoul Armfield" <armfield () amnh org> To: "'Steven A. Fletcher'" <sfletcher () integrityts com>; "'Andreas'" <andreas () inferno nadir org>; <security-basics () securityfocus com>
Sent: Wednesday, August 25, 2004 3:38 PM Subject: RE: Blocking Access to Non-domain computers
:-----Original Message----- :From: Steven A. Fletcher [mailto:sfletcher () integrityts com] :Sent: Wednesday, August 25, 2004 12:54 AM :To: Andreas; security-basics () securityfocus com :Subject: RE: Blocking Access to Non-domain computers : :That is the only option I can think of. If you think about it, how :could you keep non-domain computers from getting an IP address? As far :as I know, there is no provision in DHCP for such control. For the :system to determine whether or not to give the machine an address, the :machine would need to be able to communicate with the domain :controllers, which would require an IP address for the communication to :be able to happen. : I am a newbie so go easy on me. But should it not be possible to setup some type of proxy server that relies on domain authentication to allow access to the internet? Raoul ---------------------------------------------------------------------------Computer Forensics Training at the InfoSec Institute. All of our class sizesare guaranteed to be 12 students or less to facilitate one-on-oneinteraction with one of our expert instructors. Gain the in-demand skills ofa certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again. http://www.infosecinstitute.com/courses/computer_forensics_training.html ----------------------------------------------------------------------------
Current thread:
- Blocking Access to Non-domain computers Brian Gehrke (Aug 23)
- Re: Blocking Access to Non-domain computers Ansgar -59cobalt- Wiechers (Aug 24)
- Re: Blocking Access to Non-domain computers Andreas (Aug 24)
- Re: Blocking Access to Non-domain computers Peter Wohlers (Aug 25)
- Re: Blocking Access to Non-domain computers Rob Hughes (Aug 24)
- Re: Blocking Access to Non-domain computers Oleksandr Darchuk (Aug 25)
- Re: Blocking Access to Non-domain computers Alexandre Verriere (Aug 31)
- <Possible follow-ups>
- RE: Blocking Access to Non-domain computers Steven A. Fletcher (Aug 25)
- RE: Blocking Access to Non-domain computers Raoul Armfield (Aug 25)
- Re: Blocking Access to Non-domain computers Richard Boswell (Aug 26)
- Re: Blocking Access to Non-domain computers Don Voss (Aug 30)
- RE: Blocking Access to Non-domain computers Dan and Liz Boyson (Aug 30)
- Re: Blocking Access to Non-domain computers Balaji Prasad (Aug 31)
- RE: Blocking Access to Non-domain computers Raoul Armfield (Aug 25)
- RE: Blocking Access to Non-domain computers Steven A. Fletcher (Aug 25)
- RE: Blocking Access to Non-domain computers Barrie Dempster (Aug 30)
- RE: Blocking Access to Non-domain computers DeGennaro, Gregory (Aug 26)