Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe

From: "Alex Lambert" <alambert () webmaster com>
Date: Sat, 9 Feb 2002 15:38:59 -0600
I've been thinking about something along these lines for some time...

Sane DHCP clients should try to ARP an address before accepting a lease from
their server. From what I have observed, it would be trivially easy for an
attacker to deny access to his entire segment by intercepting DHCPREQUEST or
DHCPOFFER messages, and then forging ARP replies for the IP offered.
Additionally, the attacker could easily discriminate target MAC addresses,
and kill only a certain user's service. In my experiences with Windows 95
OSR2's DHCP client, the system seems to be almost unusable during DHCP
refreshes. Also, it would be easy to forge DHCPNAC messages, though I have
not attempted such. This would be a common problem in any LAN-like
environment; it is not specific to cable.

Has anyone else experiemented with something such as this? Or is my
understanding of this terribly mangled? ;-)


apl

----- Original Message -----
From: "b_1995" <b_1995 () shaw ca>
To: "Jon Zobrist" <kgb () ussr com>; <vuln-dev () securityfocus com>
Sent: Thursday, February 07, 2002 9:19 PM
Subject: Re: chaging your @home IP address... could you take a bunch of
them....probably... could you get something from it...maybe


 *snip*
Previous By Date Next
Previous By Thread Next

Current thread: