MCE123 Logo

This website uses Cookies, and by using the website, you accept our Terms of Service, Privacy Policy, and other applicable policies set by our Legal Department.

You agree to stay up to date on any changes to our legal policies, as they are posted, by visiting our Legal Department. For your viewing convenience, we are not required to notify you again.

I Agree I Disagree

MCE123 - Technology Development

  2. Home
  3. Portfolio
  4. Technology Development
  5. Information Technology (IT)
  6. Security (S)
  7. Upgrade DHCP Protocol to be more Security Friendly
Security (S)

Upgrade DHCP Protocol to be more Security Friendly

There could be modifications to the DHCP Protocol, such as having it work with WEP/WPA verification, and even having the system have a blanket control over all switching operations, so that rogue DHCP servers are kept from accessing the network. This could be done with a Layer 4 switch, by blocking DHCP services if they don’t originate from the trusted DHCP server. The switch, whether it control a Wireless Access Point, and/or multiple WAPs, and/or wired ports, could prevent someone from plugging in another router into the network to create an internal network that is mapped via IP (Layer 3) – Network Address Translation (NAT) and TCP (Layer 4) – Port Address Translation (PAT) – which could theoretically be used to re-route traffic away from the services that are defined by the authorized DHCP server, and pass them through a proxy-type of high-level intelligent routing that could steal logins and passwords, not to mention financial information, social security numbers, and any other information transmitted over the network.

There should be modifications to the way that DHCP works for client systems as well, such as specifying the DHCP server from a local DNS server (Layer 7) that operates with Layer 3 (Routing) to completely change how a client must access DHCP services. It could basically require that the client register in the Layer 3 table with a temporary IP address, while its security is checked – and as it negotiates its connection with the actual DHCP server, through a Layer 7 verification method, it is not allowed to communicate with other devices on the network. The systems could take on a rather forensic analysis of the network interface of the client, to determine if it is spoofing its MAC address – such as requesting a security key from the device that is verified by a third party such as Verisign – even a company like Dyn could implement this type of Layer 7 security negotiation. And the connection to the Internet could be limited so much, that only the security parameters can be communicated, in the case that the network isn’t attached to the outside world – such as an internal Financial Services company.

There could be other methods similar, or dissimilar to this, that could also be used. Obviously it’s going to take a major organization, such as IEEE and/or ICAAN, to implement changes like this.

Intellectual Property Rights Management

MCE123SM Intellectual Property Development

MCE123SM invents original concepts for new high-tech technologies in our Technology Development department that can be purchased by other organizations to develop into physical products. Before you invest any time or money into refining or producing any invention that is in relation to anything you view on our website, please consult with our Legal Department. You must purchase all intellectual property relating to a technology concept before you begin work on any of our products. Failure to do so will result in Intellectual Property Theft lawsuits and cases to compensate our company for intellectual and monetary damages that we have incurred due to any third party developing any of our products.

This Intellectual Property is owned by MCE123SM Technology Development. By viewing this Intellectual Property, you agree to the rights of the IP holder established under the Intellectual Property Rights Management agreement. To use the Intellectual Property, you must first obtain an Intellectual Property license, and you must pay royalties for each product that is produced using the Intellectual Property license.


DMCA.com Protection Status Site Protected by SiteLock