Vulnerability Development mailing list archives
Re: DHCP and Security
From: r4sc4l () HUSHMAIL COM (r4sc4l () HUSHMAIL COM)
Date: Fri, 4 Feb 2000 10:29:52 -0700
DHCP discover packets typically contain the last known IP address of the client for the given interface being used to broadcast the request. If this IP address is still available, the server will try to re-use it (assuming an RFC-compliant implementation). This is both a security feature and a security problem, depending on how you look at it.

A proper server implementation will also let you specify the bind retention time for the address after the lease expires, to ensure an IP is still available when a user returns from travelling in a week or two. This process, coupled with lease durations set to a few days instead of a few hours, provides a fairly reliable mapping and keeps the addresses fairly constant even for frequent travellers. Still, you don't want to use DHCP for servers where high availability is a requirement.

Kiddies: for a really fun and interesting exercise, set your bind and lease durations to less than the time it takes to do the spanning tree calculation on your Ethernet switch.

rascal
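An added example, not part of the original post: a small parser showing where a DHCPDISCOVER carries the client's previous address, useful when reviewing a capture to see what clients announce on the broadcast domain. It assumes the "last known IP address" the post mentions is the Requested IP Address option (code 50 in RFC 2132); `build_discover` and `last_known_ip` are hypothetical helper names, and the sample packet is constructed.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # separates the BOOTP header from the options
OPT_PAD, OPT_REQUESTED_IP, OPT_MSG_TYPE, OPT_END = 0, 50, 53, 255
DHCPDISCOVER = 1

def build_discover(mac, xid, requested_ip=None):
    """Constructed sample input: a minimal broadcast DHCPDISCOVER."""
    # op=1 (BOOTREQUEST), htype=1 (Ethernet), hlen=6, hops, xid, secs, flags=broadcast
    header = struct.pack("!BBBBIHH", 1, 1, 6, 0, xid, 0, 0x8000)
    header += b"\x00" * 16            # ciaddr, yiaddr, siaddr, giaddr all zero
    header += mac.ljust(16, b"\x00")  # chaddr, padded to 16 bytes
    header += b"\x00" * 192           # sname (64 bytes) + file (128 bytes)
    options = bytes([OPT_MSG_TYPE, 1, DHCPDISCOVER])
    if requested_ip:                  # assumption: option 50 holds the previous address
        options += bytes([OPT_REQUESTED_IP, 4]) + socket.inet_aton(requested_ip)
    return header + MAGIC_COOKIE + options + bytes([OPT_END])

def parse_options(packet):
    """Walk the code/length/value option field; ValueError on malformed input."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet")
    opts, i = {}, 240
    while i < len(packet):
        code = packet[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:           # pad is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[code] = value
        i += 2 + length
    return opts

def last_known_ip(packet):
    """Return (client MAC, requested IP or None) for a DHCPDISCOVER, else None."""
    opts = parse_options(packet)
    if opts.get(OPT_MSG_TYPE) != bytes([DHCPDISCOVER]):
        return None
    mac = packet[28:28 + min(packet[2], 16)].hex(":")  # chaddr, hlen bytes long
    requested = opts.get(OPT_REQUESTED_IP)
    ip = socket.inet_ntoa(requested) if requested and len(requested) == 4 else None
    return mac, ip
```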