We need to know who is responsible for any machine in one of our networks. Even more, we need to be able to "switch off" a host which is not on the current patch level. To do that, we have a database containing all ever seen MAC-addresses. A webbased frontend on admin.phys.ethz.ch https://admin.phys.ethz.ch/macadm/ allows to change the database. Changes may also be done directly with
mysql on admin.phys. Our DHCP-servers (dejen and stock), have a cronjob which reads out the database and keeps the dhcp-configuration in sync.
Unknown hosts will get a private IP and a DNS server containing a wildcard entry to the DHCP server. A user starting a webbrowser will see http://dhcp.phys.ethz.ch/. They will need to contact us to get access to the LAN.
Rules for entering records
- user should contain the standard user of the host. In case of shared hosts of our students clusters, isg should be entered
- admin should contain the responsible person for this host. In case of a personal computer, Admin will be the same as User.
- deputy should contain some other person who knows about this host. Make sure that between user, admin, and deputy there are at least 2 different people involved. deputy is often the IT person of the institute (Informatikkoordinator).
- Comment must be filled with information about the machine.
- a DHCP-host not seen more then 45 days will expire
- a static-host not seen more then 45 days will expire
A user asks for a registration
- Inform about the need to keep his machine up to date
- Inform about the possibility to update his machine (Windowsupdate, Softwareupdate, ...)
- Inform the user about his mail @phys.ethz.ch
- Inform about http://nic.phys.ethz.ch/ and the mailinglist, if possible the user should be entered in the mailinglist
- Enter the data, the user must give the information needed, he should know who is his administrator
- Lookup your MAC-Address: http://dhcp.phys.ethz.ch/
- Manage MAC-Addresses: https://admin.phys.ethz.ch/macadm2/
- Statistic over the DHCP Usage: http://dhcp.phys.ethz.ch/dhcp/
- Regulations for ICT security: http://www.phys.ethz.ch/phys/dep/announce/ict-sicherheit