Securing a DHCP Server on a Local Network
Dennis Hasenfang Undergraduate, Information Technology and Management
Michael McLone Graduate, Information Technology and Management
Chris Willis Graduate, Information Technology and Management
Bill Lidinsky Alva C. Todd Professor and Assistant Director of Information
Technology and Management
"Apply existing technology to solve a real-life problem" for the System and Network & Security class.
The Rice Campus, like most academic institutions, has an "open access" policy to its computing network - a policy that is great for educational access, but presents serious security issues. The objective of this project is to allow "open access", while improving the security of an "open access" Dynamic Host Configuration Protocol (DHCP) environment, by giving the DHCP server the ability to authenticate a user before connecting to the network with a laptop.
By disabling the dynamic IP addressing and enabling the reserved IP addressing, the students innovated a system that authenticates and registers a mobile user through an internet medium to eliminate the system administrator's need to intervene. The secure system requires a set of procedures that enhance security. These procedures include: authentication before access is granted to the DHCP; an understanding of the computing policy; registration information that can be submitted over the Web to a Microsoft database; Visual Basic (VB) Script that checks for new users; and a DHCP reserved database.
Security is enhanced because only authentic users will gain access to the DHCP reserved database and, therefore, receive a static IP address and access to the network. In this way, authorized users such as students, faculty and alumni are allowed "open access" while non-authorized users are blocked and network security is improved.
This project was presented to the Institute of Electrical and Electronics Engineers (IEEE) on Wednesday, May 28, 2003 as part of an IEEE student colloquium.