Find the answer to your Linux question:
Results 1 to 4 of 4
Hi every one I have started to deal with Linux from nearly time I have network can prevent any one to log in if he/she don't register the MAC address ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2010
    Posts
    2

    Question problem with script


    Hi every one
    I have started to deal with Linux from nearly time
    I have network can prevent any one to log in if he/she don't register the MAC address
    we use snort to protect our network , we use ubuntu 9.10
    the problem :- how can i write script to call DHCP to prevent MAC which i will sent for it which make Internal attack , i want it give this MAC IP out of my IPs range to not let for it to access
    i can make change on snort source file to get this MAC but i need to send it to DHCP
    please any one can help me

  2. #2
    Linux Engineer Freston's Avatar
    Join Date
    Mar 2007
    Location
    The Netherlands
    Posts
    1,049
    Welcome to the forums!


    Quote Originally Posted by blaly
    the problem :- how can i write script to call DHCP to prevent MAC which i will sent for it which make Internal attack , i want it give this MAC IP out of my IPs range to not let for it to access
    Do I understand correctly, that you want to tie MAC's to IP addresses? I mean, that a certain MAC always gets a certain IP address, and that unknown MAC's get a different address, outside the range of trusted machines?

    This is certainly possible, although not inherently safe. You can configure this in the DHCP server configuration file.
    Can't tell an OS by it's GUI

  3. #3
    Just Joined!
    Join Date
    Jul 2010
    Posts
    2
    thank you so much Freston
    yes you anderstand correctly the problem was how to open the ( dhcp.conf ) file and write the instruction on it autmatcilly by using script from anther computer not DHCP server?
    on this computer we install snort_inline and configer it to get the MAC which attack the network
    please if this isn't inherently could you suggest for me any way to prevent this computer ?
    I am very grateful about you opinion
    thank you

  4. #4
    Linux Newbie
    Join Date
    Jul 2005
    Location
    Australia (Down Under)
    Posts
    141
    Gday blaly,

    to manually edit the file you could use Vi , nano or gedit (Gedit requires Gnome to be installed).
    eg to use nano something similar to

    Code:
    nano /etc/dhcp3/dhcpd.conf
    to edit this file with a script your best bet would be to use something like sed.

    you could manually add a comment into your dhcpd.conf file such as :

    Code:
    #Start Blocked Mac Addresses
    
    #End Blocked Mac Addresses
    then your script could find the line number of one of those comments and insert above or below.

    hope that helps.
    Linux is the OS of tomorrow, Here today!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •