Regarding the certain scale local area network, we generally use DHCPto serve the dynamic processing customer end IP address disposition.But when some customer unites into the local local area networkthrough DHCP, Cisco related information may visit the local shared resource or bring the virus,brings the security hidden danger for ours local network. How canprevent without authorization obtains in the company network themachine the machine DHCP address information?
In the local area network machine must carry on before the networkcommunication or the resources deposit and withdrawal, must carry onthe basic network parameter disposition (for example IP, DNS, gatewayand so on), this kind of parameter may the static assignment ordynamic obtains. Manual disposition address although reliable, butquite time-consuming and is easy regarding the certain scale localarea network to make a mistake.
By now we needed to use the DHCPservice (dynamic main engine disposition agreement), came the dynamicprocessing customer end the IP address disposition. DHCP may and initializes IP through the lease to relate, providesautomatically and safely assigns and rents the IP address informationfor the local TCP/IP network in, thus realizes the IP centralmanagement, basically does not need manager's artificial intervention.But the matter general meeting has its dual character, although theDHCP service may automatically assign the IP information for thecustomer end, but when some customer unites into the local local areanetwork through DHCP, may visit the local shared resource or somesensitive materials. Even if opposite party does not have the evilintention, but on the client possibly has some virus or the woodenjockey club harms the local network the security. Therefore, not onlyis the server end needs safely to dispose, to the customer end alsoshould some pointed management.
Actually we may found a DHCP kind for the customer end machine,assigns a gateway, the DNS information on the DHCP server for thiskind, if Cisco related information will not have this DHCP kind of machine to be unable to reachthis point the gateway or the DNS information, certainly also will beunable to obtain the correlation disposition or the jurisdiction, likeInternet's visit power. How do here we discuss establish the DHCPkind, prevented without authorization obtains in the company networkthe machine the machine DHCP address information (below to operate allrealizes in identical webpage).
Must to call it "local area network connection" net card dispositionuser class ID is "myuserclass" the DHCP kind, only needs in the orderline to input ipconfig /setclassid "Local Area Connection"myuserclass, then presses down the carriage return then. Only hastogether the net card in the customer end, therefore here also maywrite "ipconfig /setclassid * long" like this, the asterisk representsthe local all connections, such customer end can use ID is the LongDHCP user class. Chart 2 was already the Windows 2,000 systemscustomers end local network parameter which disposed.
No comments:
Post a Comment