From: Ellen K. 

Right now our internal addresses are dynamic.   Does that mean we have
DHCP?

On Tue, 29 Mar 2005 07:52:56 -0800, Chris  wrote in
message :

>If people are getting their addresses from a DHCP server, then it is
>easy to change their IP information, normally.  This is true whether
>they are using a static IP address assigned by the DHCP server (using a
>DHCP Reservation) or whether it is a dynamically-assigned IP address
>from the DHCP Server.
>
>If they are manually-configured static IP addresses, you will need to
>touch every machine.
>
>/Chris
>
>Ellen K. wrote:
>> Those users are not admins on their boxes, in view of that can they even
>> change their own IP addresses?   Or if so by default, is there a way to
>> disable that ability?
>>
>> On Mon, 28 Mar 2005 06:10:36 -0500, "Geo"
 wrote in
>> message :
>>
>>
>>>"Ellen K."
 wrote in message
>>>news:vt4f41l3144manu25jpcmu4af0k1a7naoi{at}4ax.com...
>>>
>>>>The guy in charge of the firewall supposedly said that if
everybody had
>>>>a static IP address he could set up rules that way.   ???
>>>
>>>I don't doubt that he can but he's going to lose his mind trying to do it
>>>unless it's done based on subnet instead of individual IP
address, in other
>>>words he's probably going to want to break your internal network into two
>>>zones/IP blocks. One will be allowed full access to the web and the other
>>>will be limited and you move people from one zone to the other
by changing
>>>their static IP address.
>>>
>>>If that's what he's doing, there is nothing wrong with doing it
that way but
>>>it's only as secure as the IP addresses on each machine. If a user can
>>>change his IP he can change his browsing limitations.
>>>
>>>Geo.
>>>
>>
>>

--- BBBS/NT v4.01 Flag-5