General discussion


DHCP IP addressess & Fixed IP addressess

By Bril ·
I have this question about using DHCP and fixed IP Addresses. Don't know if this is a serious security issue...

DHCP is used to configure a pool of IP addresses which will be assigned to requesting DHCP clients.

Let's say I have 10 nodes on my network and I would configure DHCP to use subnetmask /28 ( That would mean a max total of 14 nodes could be used on this subnet.

Of these 14 adresses I configure DHCP to reserve 10 using MAC addresses. That means 4 addresses wil be left over.

If I would reserve these 4 remaining addresses to (let's say) dummy MAC addresses, is it possible for someone to connect to my network using a fixed IP address that is equal to one of those 4 remaining IP addresses??

Thanks for your replies.

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -


by Fregeus In reply to DHCP IP addressess & Fixe ...

But keep in mind that someone could very easily use any of your 14 IP addresses so long as the actual PC using that address is shut down. So, no, I don't consider this a security issue. Its insecure anyway you look at it. DHCP was not made as a security tool but as an administrative one.

There is also the possibility that someone masks his actual MAC address and sends the MAC of another legitimate machine on your network and gets that machine's IP.


Collapse -


by david.wallis In reply to DHCP IP addressess & Fixe ...

mac addresses are easy to spoof... theres an article on here somewhere about it

Collapse -

No, but...

by roberto In reply to DHCP IP addressess & Fixe ...

..if you're trying to prevent unauthorized clients from connecting to your network, and are using a Cisco switch that supports it, you can use switch port security to determine which MAC addresses can connect to each port. See

Back to Security Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums