Vulnerability Development mailing list archives
Re: Possible DHCP DOS attack
From: bofh () DIEGEEKDIE COM (Sebastian Andersson)
Date: Thu, 3 Feb 2000 08:58:50 +0100
On Wed, Feb 02, 2000 at 09:19:52PM -0000, Paul Keefer wrote:
Has this already been addressed? Am I missing something fundamental about DHCP?
No, this would work in many places. In a completly switched network, you find the computer pretty soon by looking at the MAC/port tables (after you find some suspect MAC adresses from the DHCP server). Most switched networks allow you to trace all MAC adresses to the right port. From there you can find the computer via pull&plug or with a network sniffer. You can protect your DHCP server from this by require that new MAC adresses be authorized before they can be used (or assigned to a limited pool until they are authorized). There are more fun ways to play with DHCP though. Why not answer yourself? Tell the client about your own DNS server, your own WINS server, your own gateway... Pretty easy to capture all interesting traffic you want to/from that computer or DOS the computer or whatever. /Sebastian
Current thread:
- Re: distributed.net and seti@home, (continued)
- Re: distributed.net and seti@home Seth R Arnold (Jan 31)
- Re: distributed.net and seti@home CyberPsychotic (Jan 31)
- Re: distributed.net and seti@home Oliver Friedrichs (Feb 01)
- Re: distributed.net and seti@home Iván Arce (Feb 02)
- Re: distributed.net and seti@home Oliver Friedrichs (Feb 01)
- Re: distributed.net and seti@home Sen_Ml Sen_Ml (Feb 01)
- Re: distributed.net and seti@home Kerneels (Feb 02)
- Re: distributed.net and seti@home Granquist, Lamont (Feb 03)
- Re: distributed.net and seti@home Steffen Zahn (Feb 04)
- Re: distributed.net and seti@home Sen_Ml Sen_Ml (Feb 01)
- Possible DHCP DOS attack Paul Keefer (Feb 02)
- Re: Possible DHCP DOS attack Sebastian Andersson (Feb 02)
- Re: Possible DHCP DOS attack Eric Hacker (Feb 03)
- Re: Possible DHCP DOS attack C.J. Oster (Feb 03)
- Re: Possible DHCP DOS attack Erik Fichtner (Feb 03)
- Re: Possible DHCP DOS attack Matthew S. Hallacy (Feb 03)
- DHCP and Security Nitzenberger, Rob, MSgt, AF/XORR (Feb 03)
- Re: DHCP and Security Erik Fichtner (Feb 03)
- Re: DHCP and Security Seth R Arnold (Feb 04)
- Re: DHCP and Security Jeff Bachtel (Feb 05)
- Re: Possible DHCP DOS attack Michal Zalewski (Feb 03)
- Re: Possible DHCP DOS attack Blue Boar (Feb 03)