Vulnerability Development mailing list archives
Re: IP Spoofing with DHCP ?
From: "Matthew S. Hallacy" <mhallacy () MERCURY XTRATYME COM>
Date: Mon, 18 Sep 2000 02:02:38 -0500
You could just as easily (as the attacker) set your IP staticly. -poptix On Mon, 18 Sep 2000, Skreel wrote:
Hi I have a question concerning the DHCP protocol. I've heard that this protocol could allow a user to choose he's own IP address if it isn't already assigned to another user. I was wondering if a network using DHCP to assign IP addresses and authenticating users upon their IP address could lead to a breach (i know authentication upon IP address has never been a good security) but in theory would it be possible for an attacant to DoS a user's box and then spoof his IP before the ping timeout in order to be authentified as the user ? Thanks for the help
Current thread:
- IP Spoofing with DHCP ? Skreel (Sep 17)
- Re: IP Spoofing with DHCP ? Matthew S. Hallacy (Sep 18)
- Re: IP Spoofing with DHCP ? Alon Oz (Sep 18)
- Re: IP Spoofing with DHCP ? Nathan Einwechter (Sep 19)
- CGI scripts in sh Crypteria (Sep 20)
- Re: CGI scripts in sh Mark Rafn (Sep 21)
- Serv-U FTP deals makes connections with www.cat-soft.com [ KoSaK ] (Sep 22)
- Re: Serv-U FTP deals makes connections with www.cat-soft.com Dimitry Andric (Sep 22)
- CGI scripts in sh Crypteria (Sep 20)
- Re: CGI scripts in sh Crispin Cowan (Sep 21)
- Re: CGI scripts in sh Gordon Messmer (Sep 21)
- Re: CGI scripts in sh Lincoln Yeoh (Sep 22)
- Re: CGI scripts in sh Crispin Cowan (Sep 23)