Vulnerability Development mailing list archives
Re: Possible DHCP DOS attack
From: lcamtuf () DIONE IDS PL (Michal Zalewski)
Date: Thu, 3 Feb 2000 21:52:26 +0100
On Wed, 2 Feb 2000, Paul Keefer wrote:
It seems like it would be trivial to use a linux box to use proxy arping to send out a large number of DHCP requests until the server has no more to give out. This of course assumes that the network is not using switches that prevent multiple MACs per port, and that the DHCP servers are not configured to give IPs out only to specific MACs or something like that.
On poorly switched networks, you might simply start second dhcpd, causing real disaster (DoSaster?). _______________________________________________________ Michal Zalewski * [lcamtuf () ags pl] <=> [AGS WAN SYSADM] [dione.ids.pl SYSADM] <-> [http://lcamtuf.na.export.pl] [+48 22 813 25 86] [+48 603 110 160] bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----=
Current thread:
- Possible DHCP DOS attack, (continued)
- Possible DHCP DOS attack Paul Keefer (Feb 02)
- Re: Possible DHCP DOS attack Sebastian Andersson (Feb 02)
- Re: Possible DHCP DOS attack Eric Hacker (Feb 03)
- Re: Possible DHCP DOS attack C.J. Oster (Feb 03)
- Re: Possible DHCP DOS attack Erik Fichtner (Feb 03)
- Re: Possible DHCP DOS attack Matthew S. Hallacy (Feb 03)
- DHCP and Security Nitzenberger, Rob, MSgt, AF/XORR (Feb 03)
- Re: DHCP and Security Erik Fichtner (Feb 03)
- Re: DHCP and Security Seth R Arnold (Feb 04)
- Re: DHCP and Security Jeff Bachtel (Feb 05)
- Re: Possible DHCP DOS attack Michal Zalewski (Feb 03)
- Re: Possible DHCP DOS attack Blue Boar (Feb 03)
- Re: distributed.net and seti@home Andrew Brown (Feb 02)