Vulnerability Development mailing list archives
Re: swbell DSL bug ?
From: spoonm () PACMAN SPOONTECH NET (spoonm)
Date: Mon, 8 May 2000 09:01:49 -0700
Well on that same idea, but on cable. I am using hsacorp cable service under the Charter Network. Basically i was told you get 1 ip address that is released every 24 hours or so. Well under windows it seems to do this, but when i boot up my linux router, i had dhcp give me my ip. Then i just that ip and the routes into a static setup, and my ip hasnt changes in 3 months. So, then i wanted another ip for another server, so i pulled the nic out of my linux w/dhcp box and blopped it into my openbsd box and just setup the normal ip and routes, blah blah, and since the cable runs on mac, it worked fine.. then i just got dhcp to dish me out another ip address, and did the same thing again. I know its not really a hole, or vulnerablity like some people think, im just making a point on how you can get a little more bang for you buck on some cable services. spoonm, Sr President Spoontech http://www.spoontech.net On Sun, 7 May 2000, Ryan Bonnett wrote:
With US West DSL services on my linux machine I was taking an entire C block in this same fashion. You have to realize, these are DHCP address pools that you are doing this with. There is no significant advantage to taking more than one address, it isn't like you can provide any reliable service on a dynamic address. If they ran out of IP address space, went in to check out why, and saw you hogging a bunch of addies, they'd probably terminate your service. At the very least they would clear all connections to the pool and give you a call. This is how networks are meant to work, there is no bug or vulnerability here, just the possibility that you'll anger your service provider. ___________________________________________ Ryan Bonnett Product Operations Engineer Excite @ Home E-Business Services Group rbonnett () excithome net Everything should be made as simple as possible, but not simpler. -Albert Einstein -----Original Message----- From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of Ryan Sweat Sent: Sunday, May 07, 2000 1:24 PM To: VULN-DEV () SECURITYFOCUS COM Subject: swbell DSL bug ? Southwester Bell is a big provider of dsl access in some parts of the US. Dhcp provides an IP address and the lease expires in about 72 hours. They claim the IP cannot be changed, however when playing around last night, I found if you install another ethernet card, and switch the cable to the new card, it happily gives you another IP address. The dhcp server must rely on mac address when providing a lease for an ip. This could pose many problems. How can accounting be kept when a user can change his ip whenever he likes? I have more testing to do, but I do not see why you couldnt install a few nic cards and get ip address for each one, which swbell would like to charge you much more money for. I am looking into a way to change the mac address in windows. I know it can be done in linux through ifconfig. Maybe somone has experience in this ?? batrox () swbell net
Current thread:
- Re: The Million Dollar Solution, (continued)
- Re: The Million Dollar Solution Richard Rager (May 07)
- Re: The Million Dollar Solution Alexander Sanda (May 06)
- Re: The Million Dollar Solution Dimitry Andric (May 06)
- Re: The Million Dollar Solution Vince Gittins (May 06)
- Re: The Million Dollar Solution Oystein Viggen (May 07)
- swbell DSL bug ? Ryan Sweat (May 07)
- Re: swbell DSL bug ? Seth R Arnold (May 07)
- Re: swbell DSL bug ? J . Phillips (May 08)
- Re: swbell DSL bug ? vassago (May 08)
- swbell DSL bug ? Ryan Sweat (May 07)
- Re: swbell DSL bug ? Ryan Bonnett (May 07)
- Re: swbell DSL bug ? spoonm (May 08)
- Re: swbell DSL bug ? marc (May 08)