Vulnerability Development mailing list archives

Re: Possible DHCP DOS attack


From: lcamtuf () DIONE IDS PL (Michal Zalewski)
Date: Thu, 3 Feb 2000 21:52:26 +0100


On Wed, 2 Feb 2000, Paul Keefer wrote:

> It seems like it would be trivial to use a Linux box to use proxy
> arping to send out a large number of DHCP requests until the server
> has no more to give out.
>
> This of course assumes that the network is not using switches that
> prevent multiple MACs per port, and that the DHCP servers are not
> configured to give IPs out only to specific MACs or something like
> that.

On poorly switched networks, you might simply start a second dhcpd, causing
a real disaster (DoSaster?).

_______________________________________________________
Michal Zalewski * [lcamtuf () ags pl] <=> [AGS WAN SYSADM]
[dione.ids.pl SYSADM] <-> [http://lcamtuf.na.export.pl]
[+48 22 813 25 86] [+48 603 110 160] bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=
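
A defender-side check for the two conditions raised in this thread, added here as an example and not part of the original posts: a burst of previously unseen MACs requesting leases on one interface, and clients requesting leases from a server that is not the authorized one. The log lines are constructed and assume an ISC dhcpd style syslog format; the function names, thresholds and addresses are hypothetical.

```python
import re
from collections import defaultdict, deque

# Assumed line shapes (modelled on ISC dhcpd syslog output):
#   ... HH:MM:SS host dhcpd: DHCPDISCOVER from <mac> via <iface>
#   ... HH:MM:SS host dhcpd: DHCPREQUEST for <ip> (<server-id>) from <mac> via <iface>
DISCOVER = re.compile(
    r"(\d\d):(\d\d):(\d\d) \S+ dhcpd: DHCPDISCOVER from ([0-9a-f:]{17}) via (\S+)")
REQUEST = re.compile(
    r"dhcpd: DHCPREQUEST for \S+ \((\d+\.\d+\.\d+\.\d+)\) from ([0-9a-f:]{17})")

def starvation_suspects(lines, window=60, max_new_macs=5):
    """Interfaces where more than max_new_macs never-before-seen MACs
    sent DHCPDISCOVER within `window` seconds (same-day logs assumed)."""
    seen, recent, suspects = defaultdict(set), defaultdict(deque), set()
    for line in lines:
        m = DISCOVER.search(line)
        if not m:
            continue
        h, mi, s, mac, iface = m.groups()
        now = int(h) * 3600 + int(mi) * 60 + int(s)
        if mac in seen[iface]:
            continue  # retries from a known client are normal
        seen[iface].add(mac)
        q = recent[iface]
        q.append(now)
        while now - q[0] > window:  # drop first-sightings outside the window
            q.popleft()
        if len(q) > max_new_macs:
            suspects.add(iface)
    return suspects

def foreign_servers(lines, authorized):
    """Map each unauthorized server identifier to the client MACs that chose it."""
    found = {}
    for line in lines:
        m = REQUEST.search(line)
        if m and m.group(1) not in authorized:
            found.setdefault(m.group(1), set()).add(m.group(2))
    return found

# Constructed sample log: eight new MACs on eth1 in eight seconds, one normal
# client on eth0, and one client selecting an unknown server (10.0.0.99).
SAMPLE = [f"Feb  3 21:50:{i:02d} gw dhcpd: DHCPDISCOVER from 02:00:00:00:00:{i:02x} via eth1"
          for i in range(8)] + [
    "Feb  3 21:50:10 gw dhcpd: DHCPDISCOVER from 00:10:4b:12:34:56 via eth0",
    "Feb  3 21:50:11 gw dhcpd: DHCPREQUEST for 10.0.0.20 (10.0.0.1) from 00:10:4b:12:34:56 via eth0",
    "Feb  3 21:50:30 gw dhcpd: DHCPREQUEST for 10.0.0.150 (10.0.0.99) from 00:60:97:ab:cd:ef via eth0",
]

if __name__ == "__main__":
    print("possible pool exhaustion on:", starvation_suspects(SAMPLE))
    print("unauthorized servers chosen:", foreign_servers(SAMPLE, {"10.0.0.1"}))
```

Log-based detection only complements the switch-level controls mentioned in the quoted message (limiting MACs per port); it reports the condition after leases are already being consumed.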

