dhcpd.conf how to secure so only known and allowed clients will be given dhcpd IP address leases

It's really simple and just a matter of the following line within the subnet declaration.

  deny unknown-clients;

See example below:

subnet 10.25.20.0 netmask 255.255.255.0 {
  range 10.25.20.11 10.25.20.254;
  deny unknown-clients;
  option routers 10.25.20.10;
  option domain-name-servers 208.67.222.222;

   host client05 {
   hardware ethernet aa:bb:cc:dd:ee:ff;

   }

}

 

After that only clients with a declared host statement will be able to get a DHCP lease increasing security a little bit.

 


Tags:

dhcpd, conf, ip, leasesit, subnet, declaration, netmask, routers, domain, servers, hardware, ethernet, aa, bb, cc, dd, ee, ff, declared, dhcp, lease, increasing,

Latest Articles

  • Linux Ubuntu Cannot Print Large Images
  • Cannot Print PDF Solution and Howto Resize
  • Linux Console Login Screen TTY Change Message
  • Apache Cannot Start Listening Already on 0.0.0.0
  • MySQL Bash Query to pipe input directly without using heredoc trick
  • CentOS 6 and 7 / RHEL Persistent DHCP Solution
  • Debian Ubuntu Mint rc-local service startup error solution rc-local.service: Failed at step EXEC spawning /etc/rc.local: Exec format error
  • MySQL Cheatsheet Guide and Tutorial
  • bash script kill whois or other command that is running for too long
  • Linux tftp listens on all interfaces and IPs by DEFAULT Security Risk Hole Solution
  • python import docx error
  • Cisco Unified Communications Manager Express Cheatsheet CUCME CME
  • Linux Ubuntu Debian Missing privilege separation directory: /var/run/sshd
  • bash how to count the number of columns or words in a line
  • bash if statement how to test program output without assigning to variable
  • RTNETLINK answers: Network is unreachable
  • Centos 7 how to save iptables rules like Centos 6
  • nfs tuning maximum amount of connections
  • qemu-kvm error "Could not initialize SDL(No available video device) - exiting"
  • Centos 7 tftpd will not work with selinux enabled