[CentOS] [OT] DHCP auth&auth software
Antonio da Silva Martins Junior
asmartins at uem.br
Mon Oct 19 20:12:15 UTC 2009
----- "Marko Vojinovic" <vvmarko at gmail.com> escreveu:
> Does anyone know about some free (as in beer, and maybe as in speech)
> software which would implement authentication and authorization of a user prior
> to issuing a valid dhcp lease?
>
> I imagine the following scenario: someone walks into my office
> building with a laptop (a colleague, a visitor, a guest, whoever), and hooks up onto
> the local net (wired or wireless). The server detects an unknown MAC address,
> issues a bogus dhcp lease which resolves all dns queries to a single internal
> web page with a form the user is supposed to fill in and send. After he does
> so, an administrator does a sanity check of the data the user provided, and
> grants or denies access. If access is granted, the user gets a new, unrestricted
> dhcp lease, which provides him with a normal access to local network.
>
> The goal is to have a database which relates IP or MAC addresses to
> people names, so I can track a person down efficiently if he brings an
> infected/spamming machine into the building.
>
> I would know how to build this infrastructure manually, but it's a lot
> of work, and I don't want to reinvent the wheel. Google somehow failed to
> help, or I failed to provide the right keywords. :-(
>
After reading this thread I think you can try PacketFence (www.packetfence.org)
and there are some others less powerfull ones on the wikipedia under the NAC topic: http://en.wikipedia.org/wiki/Network_Access_Control
Antonio.
--
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Antonio S. Martins Jr. - Support Analist | "Only The Shadow Knows |
| Universidade Estadual de Maringá - Brasil| what evil lurks in the |
| NPD - Núcleo de Processamento de Dados | Heart of Men!" |
| E-Mail: asmartins at uem.br / shadow at uem.br | !!! Linux User: 52392 !!! |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
"Real Programmers don’t need comments — the code is obvious."
--
Esta mensagem foi verificada pelo sistema de antivírus e
acredita-se estar livre de perigo.
More information about the CentOS
mailing list