Vulnerability Development mailing list archives
Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe
From: "Alex Lambert" <alambert () webmaster com>
Date: Sat, 9 Feb 2002 15:38:59 -0600
I've been thinking about something along these lines for some time... Sane DHCP clients should try to ARP an address before accepting a lease from their server. From what I have observed, it would be trivially easy for an attacker to deny access to his entire segment by intercepting DHCPREQUEST or DHCPOFFER messages, and then forging ARP replies for the IP offered. Additionally, the attacker could easily discriminate target MAC addresses, and kill only a certain user's service. In my experiences with Windows 95 OSR2's DHCP client, the system seems to be almost unusable during DHCP refreshes. Also, it would be easy to forge DHCPNAC messages, though I have not attempted such. This would be a common problem in any LAN-like environment; it is not specific to cable. Has anyone else experiemented with something such as this? Or is my understanding of this terribly mangled? ;-) apl ----- Original Message ----- From: "b_1995" <b_1995 () shaw ca> To: "Jon Zobrist" <kgb () ussr com>; <vuln-dev () securityfocus com> Sent: Thursday, February 07, 2002 9:19 PM Subject: Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe *snip*
Current thread:
- chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe Jon Zobrist (Feb 05)
- Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe Jon Zobrist (Feb 05)
- Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe Sean Davis (Feb 05)
- Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe Russell Handorf (Feb 05)
- Re: chaging your @home IP address... could you take a bunch ofthem....probably... could you get something from it...maybe Blue Boar (Feb 05)
- Re: chaging your @home IP address... could you take a bunch ofthem....probably... could you get something from it...maybe Russell Handorf (Feb 06)
- Re: chaging your @home IP address... could you take a bunch ofthem....probably... could you get something from it...maybe Laurence Brockman (Feb 06)
- Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe Replugge [Rod] (Feb 06)
- Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe Russell Handorf (Feb 05)
- <Possible follow-ups>
- Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe b_1995 (Feb 09)
- Re: chaging your @home IP address... could you take a bunch of them....probably... could you get something from it...maybe Alex Lambert (Feb 09)