From: Chris 

If people are getting their addresses from a DHCP server, then it is easy
to change their IP information, normally.  This is true whether they are
using a static IP address assigned by the DHCP server (using a DHCP
Reservation) or whether it is a dynamically-assigned IP address from the
DHCP Server.

If they are manually-configured static IP addresses, you will need to touch
every machine.

/Chris

Ellen K. wrote:
> Those users are not admins on their boxes, in view of that can they even
> change their own IP addresses?   Or if so by default, is there a way to
> disable that ability?
>
> On Mon, 28 Mar 2005 06:10:36 -0500, "Geo"
 wrote in
> message :
>
>
>>"Ellen K."
 wrote in message
>>news:vt4f41l3144manu25jpcmu4af0k1a7naoi{at}4ax.com...
>>
>>>The guy in charge of the firewall supposedly said that if everybody had
>>>a static IP address he could set up rules that way.   ???
>>
>>I don't doubt that he can but he's going to lose his mind trying to do it
>>unless it's done based on subnet instead of individual IP address, in other
>>words he's probably going to want to break your internal network into two
>>zones/IP blocks. One will be allowed full access to the web and the other
>>will be limited and you move people from one zone to the other by changing
>>their static IP address.
>>
>>If that's what he's doing, there is nothing wrong with doing it that way but
>>it's only as secure as the IP addresses on each machine. If a user can
>>change his IP he can change his browsing limitations.
>>
>>Geo.
>>
>
>

--- BBBS/NT v4.01 Flag-5