dhcpd.conf how to secure so only known and allowed clients will be given dhcpd IP address leases

It's really simple and just a matter of the following line within the subnet declaration.

  deny unknown-clients;

See example below:

subnet 10.25.20.0 netmask 255.255.255.0 {
  range 10.25.20.11 10.25.20.254;
  deny unknown-clients;
  option routers 10.25.20.10;
  option domain-name-servers 208.67.222.222;

   host client05 {
   hardware ethernet aa:bb:cc:dd:ee:ff;

   }

}

 

After that only clients with a declared host statement will be able to get a DHCP lease increasing security a little bit.

 


Tags:

dhcpd, conf, ip, leasesit, subnet, declaration, netmask, routers, domain, servers, hardware, ethernet, aa, bb, cc, dd, ee, ff, declared, dhcp, lease, increasing,

Latest Articles

  • Ubuntu Debian Mint Linux SSHD OpenSSH Server Not Starting After Reboot Solution
  • nmap how to scan for all ports and not just the 1000 most common ports
  • Windows 7,8,10 and Server 2008, 2012, 2016, 2019 Read Only Attribute Won't Go Away
  • bind / named how to make a wildcard record and retain defined A records
  • Cisco Unified Communications Manager 12 Install Errors on Proxmox/KVM
  • Local Vs Universally Administered MAC Address NIC Refuses to come up
  • Cisco Unified Communications Manager 12 CUCM 12 - How To Enable Video Calling
  • Windows 7, 8, 10, Windows Server 2008, 2012, 2016, 2019 How To AC97 Audio Drivers and Other Unsigned Drivers
  • Cisco Unified Communications Manager / CUCM IP Telephony Definitions
  • tftp Linux xinetd verbose logging
  • Linux delete unused tap devices automatically
  • Linux qemu-kvm How To Enable Soundcard in Guestl
  • QEMU-KVM Windows and Server Guest Installs Mouse Tracking Pointer Location Solution
  • SSH Keep Alive To stop Disconnections
  • Linux How To Disable SATA NCQ For Better Performance
  • the sign-in method you're trying to use isn't allowed. For more info, contact your network administrator - solution for active directory
  • gsmartcontrol for Windows to Check the SMART S.M.A.R.T status
  • WebRTC Vulnerability Shows Local IP Address Even When Using a Proxy or VPN Firefox Fix And Disable Solution
  • chroot in Linux Howto Simple and Easy Guide
  • qemu-kvm qemu-system Image format was not specified for '/mnt/space/cucm12.img' and probing guessed raw. Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted. Specify the 'ra