Vulnerability Development mailing list archives

Re: Possible DHCP DOS attack

From: vlad () SANDY RU (Vladimir Dubrovin)
Date: Fri, 4 Feb 2000 12:04:41 +0300


Hello Tal Hornstein,

03.02.2000 11:02, you wrote: Possible DHCP DOS attack;

T> 2- I would assume any security admin in his right mind will not allow DHCP
T> request from the Internet through the Firewall, thus such an attack can only
T> come from within.

DHCP  requests  cann't come from Internet. Suport of BootP relay agent
(RFC  1532/1542)  is required for routing requests between 2 networks.
DHCP requests use 0.0.0.0 as both SRC and DST address.

P.S. Someone said DHCP "pings" old leases. He's wrong. DHCP will never
release lease before it's expired.

  +=-=-=-=-=-=-=-=-=+
  |Vladimir Dubrovin|
  | Sandy Info, ISP |
  +=-=-=-=-=-=-=-=-=+

Current thread:

Re: Possible DHCP DOS attack Tal Hornstein (Feb 03)
- Re: Possible DHCP DOS attack Paul Keefer (Feb 03)
  - Re: Possible DHCP DOS attack Sen_Ml Sen_Ml (Feb 04)
- Re: Possible DHCP DOS attack Vladimir Dubrovin (Feb 04)
  - Re: Possible DHCP DOS attack Blue Boar (Feb 04)
  - how to transfer files on napster Jason Copenhaver (Feb 05)
    - Re: how to transfer files on napster Jordan Ritter (Feb 05)
    - Re: how to transfer files on napster Blue Boar (Feb 05)
    - Re: how to transfer files on napster Seth Georgion (Feb 05)
    - Re: how to transfer files on napster whitvamp () MINDLESS COM (Feb 05)
    - Re: how to transfer files on napster Jordan Ritter (Feb 05)
    - Re: how to transfer files on napster Blue Boar (Feb 07)
    - Re: how to transfer files on napster David U. (Feb 07)
    - Simple logging utility app Scorpus Kahn (Feb 06)

(Thread continues...)