Vulnerability Development mailing list archives
Re: swbell DSL bug ?
From: jamie.phillips () NS SYMPATICO CA (J . Phillips)
Date: Mon, 8 May 2000 12:57:24 -0300
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Jeff,

Keeping in mind that IP address assignment is but one small aspect of DHCP service, I would agree with your point that upon waiting for ARP cache to clear it is possible for another address to be leased. However, that is not always the case; for instance, I know that with NetID you can assign a scope to have statically assigned DHCP IP addresses. Obviously there is much other info in the DHCP packets besides address, i.e. DNS, default routers, etc., as well as management benefits to having this info dynamically assigned.

Further, with my ISP, while each customer is assigned the same address internally, these static addresses are not routable IPs (i.e. 10.x.x.x). The internal address assigned according to MAC address is translated by an edge proxy into valid routable IPs. This proxy/NAT also provides address rotation so that every couple minutes or so my external routable IP is different while my internal stays the same. They log associations on the proxy and can adequately track what is who (provided you have not hijacked another member's MAC addy).

So, anyways, I agree this is certainly not a bug... just interesting to think about!

Jamie

- -----Original Message-----
From: Jeffrey Karpenko [mailto:Jeffrey.Karpenko () rhigroup com]
Sent: May 8, 2000 12:24 PM
To: 'J . Phillips'; VULN-DEV () SECURITYFOCUS COM
Subject: RE: swbell DSL bug ?

Jamie:

From what you are saying it seems your ISP is providing Static IP Addresses to the customer. I say that because you indicate that each person has an IP Address assigned to them and it is recorded that that person now owns that address. If I am misunderstanding you then . . . well.

Anyway, ISPs will be using DHCP. My ISP, for instance, is using DHCP. Now while my lease of the IP Address expires after 180,000 seconds (2.08 days), I can be fairly certain that I can obtain the same IP Address the next time I login because the ARP is still cached. However, if I wait a long while before logging in again, I am fairly certain my IP will change. I haven't actually attempted this yet, mind you.

I would assume that if my current ISP has very few customers then regardless if the ARP Cache clears or not, I would probably obtain the same IP Address. However, if the ISP DSL customer base were to grow, then so would the chances that my IP Address would be taken by some other user once my 180,000 seconds expired.

In either case it is not a bug.

Jeffrey

Hash: SHA1

Absolutely, my DSL provider's DHCP will only assign an IP to the MAC address on the NIC they provided, and it is always the same internal IP. There are, however, ways to change the burned-in address, with which you could theoretically borrow someone else's IP on the same subnet, provided they did not have an IP already leased (or perhaps even if they do??).

Jamie

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>

iQA/AwUBORbj49GSUCkLAscrEQK/GACg1Mr08qR3ZLFtydpj874iZwvLjwsAoLWk
sWrkMjOI80s8uBH2whO+UvjT
=SMCh
-----END PGP SIGNATURE-----
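
The message above describes an edge proxy/NAT that rotates each customer's external address every couple of minutes and logs the associations so that traffic can still be traced back. As an added example (not part of the original post, and not any ISP's actual tooling), here is how such a log can be used to resolve an external IP and a timestamp back to the internal address and MAC. The log format, the addresses and the function names are assumptions made up for the illustration.

```python
from collections import defaultdict

# Constructed sample of NAT association records (not from the original post).
# Fields: epoch seconds when the mapping began, external IP, internal IP, MAC.
SAMPLE_LOG = """\
957800000 203.0.113.10 10.0.0.5 00:00:5e:00:53:01
957800000 203.0.113.11 10.0.0.6 00:00:5e:00:53:02
957800120 203.0.113.11 10.0.0.5 00:00:5e:00:53:01
957800120 203.0.113.12 10.0.0.6 00:00:5e:00:53:02
957800240 203.0.113.10 10.0.0.6 00:00:5e:00:53:02
957800240 203.0.113.12 10.0.0.5 00:00:5e:00:53:01
"""

def build_index(log_text):
    """Index mappings by external IP; a mapping ends at the host's next rotation."""
    records = sorted(
        (int(t), ext, internal, mac.lower())
        for t, ext, internal, mac in
        (line.split() for line in log_text.splitlines() if line.strip())
    )
    index = defaultdict(list)
    latest = {}  # internal IP -> its most recent (still open) mapping
    for start, ext, internal, mac in records:
        if internal in latest:
            latest[internal]["end"] = start  # rotation closes the old mapping
        entry = {"start": start, "end": None, "internal": internal, "mac": mac}
        index[ext].append(entry)
        latest[internal] = entry
    return index

def attribute(index, external_ip, when):
    """Return (internal IP, MAC) that held external_ip at time `when`, or None."""
    for e in index.get(external_ip, []):
        if e["start"] <= when and (e["end"] is None or when < e["end"]):
            return e["internal"], e["mac"]
    return None  # no mapping covered that instant

if __name__ == "__main__":
    idx = build_index(SAMPLE_LOG)
    # The same external IP resolves to different customers at different times.
    for ts in (957800060, 957800150, 957800300):
        print(ts, attribute(idx, "203.0.113.10", ts))
```

The lookup identifies a MAC address, not a person, which is the limit the message itself points out: the attribution only holds while the MAC on the wire is the one the provider issued.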