nanog mailing list archives
Re: Secure DHCP?
From: Daniel Senie <dts () senie com>
Date: Sat, 24 Jul 1999 22:45:39 -0400
Nicholas Bastin wrote:
(I felt this message had enough operational relevance to post on this list. If any feels otherwise, please let me know.) After having experienced a rather malicious attack on our corporate network by someone running a rogue DHCP server, I'm wondering if there's any way to prevent this from happening again?
You don't specify whether this was a corporate network or a production (e.g. cable) network. The short answer (especially if a corporate network): get him fired, or worse. (I.e. take some sort of legal action). If a public, network, such as a cable modem system, that'd be fairly nasty...
The perpetrator basically managed to renumber most of an entire subnet (into an entirely different IP block) of our network, causing a major denail of service. I've read the RFC's and checked all the network reference books I can find, and none of them indicate any way to prevent this from happening again. Am I missing something here, or is it time to start writing RFC's? Thanks in advance.
Well, the problem that comes up, is how does the workstation figure out who to trust? The DHCP client basically knows nothing about the IP addressing of the network (which is why it's asking a DHCP server). It's not desirable to have it know anything, because that'd limit the ability to have your DHCP client be portable. The best thing about DHCP is the ability to plug into any LAN anywhere that supports DHCP, and be able to operate. There may well be some ways to authenticate a legitimate DHCP server from an illegitimate one, but discussion of that is probably off-topic for NANOG. I'd be happy to discuss the matter further off this list, or on an appropriate list, however, and would like to hear more details of the situation in your case. Dan -- ----------------------------------------------------------------- Daniel Senie dts () senie com Amaranth Networks Inc. http://www.amaranthnetworks.com
Current thread:
- Secure DHCP? Nicholas Bastin (Jul 24)
- Re: Secure DHCP? Daniel Senie (Jul 24)
- Re: Secure DHCP? Andrea Di Lecce (Jul 25)
- Re: Secure DHCP? Aaron Hopkins (Jul 24)
- Re: Secure DHCP? Eric Germann (Jul 25)
- Re: Secure DHCP? Alex Bligh (Jul 25)
- Re: Secure DHCP? Fletcher E Kittredge (Jul 26)
- Re: Secure DHCP? Daniel Senie (Jul 26)
- Re: Secure DHCP? Daniel Senie (Jul 24)