Firewall Wizards mailing list archives
RE: Bogus DHCP server in the network....
From: Henry Sieff <hsieff () orthodon com>
Date: Tue, 5 Oct 1999 09:21:37 -0500
Contact your service provider. They will take the appropriate steps; anything you do to him would be ambiguous froma legal standpoint, and may violate your TOS (two wrongs not making a right, and all that. -- Henry Sieff Network Nanny Orthodontic Centers of America (504) 834-4392 ext.135
-----Original Message----- From: TUDOR PANAITESCU [mailto:tpanaitescu () usa net] Sent: Sunday, October 03, 1999 6:38 AM To: firewall-wizards () nfr net Subject: Bogus DHCP server in the network.... Hello fellow wizards, Here's the picture. I am a client of Adelphia PowerLink CableTV. They use DHCP for giving IP addresses. In the last weeks a bogus DHCP server showed up into the network giving addresses in 192.168.244.128/25. The guy is using aliasing on his Ethernet interface, he has an address aquired from the ISP in the ISP's range and he configured his interface with 192.168.244.129 too. I have his MAC. He gives DNS services. The system the hacker uses is totally protected, no ports are "visible" to allow to try to do something to his system (can syn flood be a solution?). Some time ago the hacker provided forwarding also but now he's not forwarding anymore anoying lots of people in the net as they don't have access to the INTERNET. I believe it is a UNIX box, most likely LINUX with NAT. Now here comes the question: is anything there we can do to block this guy ? Any answer will be greately appreciated. I will sumarize also for archiving purposes. TIA & best regards, Tudor ____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
Current thread:
- Bogus DHCP server in the network.... TUDOR PANAITESCU (Oct 04)
- Re: Bogus DHCP server in the network.... 2 (Oct 05)
- Re: Bogus DHCP server in the network.... Joseph S D Yao (Oct 05)
- RE: Bogus DHCP server in the network.... Baribault, Gary (Oct 05)
- <Possible follow-ups>
- Re: Bogus DHCP server in the network.... Ryan Russell (Oct 05)
- RE: Bogus DHCP server in the network.... sean . kelly (Oct 05)
- RE: Bogus DHCP server in the network.... Henry Sieff (Oct 05)