There is a will, there is a way.
It is necessary to thrive.
[win]Filtering MAC address in windows
My classmates are always boring with that they regularly can not get a valid DHCP address at library. through the investigation by using tcpdump, i conclude that there is another unauthenticated DHCP server in library's native network which will response the client who invokes a DHCP_Discover prior to Library's genuine DHCP server.
At fisrt, i manually set the client IP by "netsh int ip set address <interface> static <...>", then i decide to use a more advanced approach to implement it, namely, using the technology of MAC Filtering, however, Microsoft Windows do not ,natively, support this technology.
This is a DLL that was created by the Microsoft DHCP team to implementing MAC filtering.
Why filter MAC addresses
The idea of MAC filtering is that when a foreign system tries to connect to your network, they are not given an IP address unless their network card is on the list of allowed systems. In order for them to get on the network, they have to see a member of the IT department.
This protects a guest from accidentally spreading infections of spyware, viruses, or trojans not to mention it helps the IT department keep track of who and what goes on the network. [Please notice how I say accidentally because MAC spoofing would easily circumvent this security measure]
Install The Callout DLL
Overview:
- Install the DLL
- Create the necessary registry keys
Download and Install
- Download and install the files: Download
The MACFilterCallout.dll was installed to %SystemRoot%\system32 along with a file named SetupDHCPMacFilter.rtf.This includes very basic instructions. - Run the MacFilterCallout.msi and go through the steps to install it. All this does is extract the two files to your %systemroot%\system32\ folder.
Create the registry keys:
| Key Name | Key Type | Description |
| CalloutDlls | REG_MULTI_SZ | The location of the MacFilterCallout.dll |
| CalloutEnabled | DWORD | 0 = Disable MacFilterCallout |
| CalloutErrorLogFile | REG_MULTI_SZ | Log path. If this registry key is not specified, callout dll will output errors %WINDIR%\System32\Log.txt |
| CalloutInfoLogFile | REG_MULTI_SZ | Info log path. If this key is not present, no information messages will be logged. |
| CalloutMACAddressListFile | REG_MULTI_SZ | This is the name and location of the MAC filtering list you're going to be creating next. |
Create the MAC list
As I showed above, the key CalloutMACAddressListFile points to a location where you need to create a specially formatted text file that contacts which MAC addresses to filter.You can only choose to allow a certain set of MAC's or DENY them. Here is the format of that file:
Note: You must include the { }'s around either the ALLOW or DENY action
External Links
http://blogs.technet.com/teamdhcp/archive/2007/10/03/dhcp-server-callout-dll-for-mac-address-based-filtering.aspx - DHCP server team's blog with the original article
[win]extract files from a .msi file using the Windows command line
To extract files from a .msi file at the command line, type:
msiexec /a $PathToMSIFile /qb TARGETDIR=$DirectoryToExtractTo
For example, to extract files from c:\foo.msi into c:\foo you would type:
msiexec /a c:\foo.msi /qb TARGETDIR=c:\foo
specify the full path to the destination directory in TARGETDIR property is necessary
Subscribe to:
Posts (Atom)