Bugtraq mailing list archives
Re: BOOTP/DHCP security
From: Valdis.Kletnieks () vt edu (Valdis.Kletnieks () vt edu)
Date: Thu, 28 Nov 1996 04:09:57 -0500
On Wed, 27 Nov 1996 21:37:58 +0100, you said:
(1) Make this machine check for bogus MACs in its ARP cache mapped to the servers IP address. This forces the attacker to use a network card with a configurable MAC and usually stops attacks from machines belonging to the network (unless you've got this kind of card installed).
Umm.. are there cards that DONT support changing the MAC address? I know that any card that did older Decnet releases *had* to be able to do this. For another good giggle, find a manager who's just learned about the fact that packet sniffers exist, and point out to him that the Ethernet spec *requires* support for promiscuous mode. Watch him shriek "AAAARRGGGGHH!!!!" and call for the return of IBM3270s hanging off coax. Ever tried to install a sniffer on an IBM bus/tag pair? Kind of hard to do without the operator noticing... ;) Valdis Kletnieks Computer Systems Engineer Virginia Tech
Current thread:
- Re: BOOTP/DHCP security itudps (Nov 27)
- <Possible follow-ups>
- Re: BOOTP/DHCP security itudps (Nov 27)
- Re: BOOTP/DHCP security Benedikt Stockebrand (Nov 27)
- Re: BOOTP/DHCP security itudps (Nov 27)
- CIAC Bulletin H-08: lpr Buffer Overrun Vulnerability David Crawford (Nov 27)
- Re: BOOTP/DHCP security Valdis.Kletnieks () vt edu (Nov 28)
- Irix: more suid fun/exploits Yuri Volobuev (Nov 28)
- Re: BOOTP/DHCP security Alan Cox (Nov 28)