Vulnerability Development mailing list archives

Re: IP Spoofing with DHCP ?


From: "Matthew S. Hallacy" <mhallacy () MERCURY XTRATYME COM>
Date: Mon, 18 Sep 2000 18:31:30 -0500

Well, I use DHCP on our wireless network, and assign static IPs based on
MAC address, it makes it a lot easier to track users, and if we ever have
to renumber, it's painless with the help of a short Perl script.


                        -poptix

On Mon, 18 Sep 2000, Bryce Walter wrote:

Why in the heck would anybody ever do authentication based upon IP address
in a DHCP environment?  Security issues aside, this would be completely
pointless and ineffective.  While the IP address of a given computer tends
to stabilize out and will usually keep renewing the same IP address, an
Admin will know that there will be enough IP changes over time that he won't
want to go down that path.  Anytime a user's IP address changes and is
subsequently locked out of something will result in a phone call that
eventually lands on his desk.  As far as what you propose, yeah if you find
a DHCP network that's relying on IP address for authentication, that attack
would work in theory.

But if you have a network admin that doesn't see a problem with that
environment, chances are there will be security gaps in the network at every
turn.


Hi, I have a question concerning the DHCP protocol. I've heard that
this protocol could allow a user to choose his own IP address if it
isn't already assigned to another user. I was wondering if a network
using DHCP to assign IP addresses and authenticating users upon
their IP address could lead to a breach (I know authentication upon
IP address has never been a good security) but in theory would it be
possible for an attacker to DoS a user's box and then spoof his IP
before the ping timeout in order to be authenticated as the user?

Thanks for the help
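
The thread above turns on whether an IP address in a DHCP network identifies a user. As an added example (not part of the original messages), this defender-side check compares observed IP/MAC pairs with the DHCP server's lease table and flags inconsistencies; the lease table, sightings, addresses and function names are all constructed for illustration.

```python
from datetime import datetime

# Constructed lease table: what the DHCP server handed out (IP -> MAC, expiry).
LEASES = {
    "10.0.0.21": ("00:a0:c9:11:22:33", datetime(2000, 9, 18, 20, 0)),
    "10.0.0.22": ("00:a0:c9:44:55:66", datetime(2000, 9, 18, 19, 0)),
}

# Constructed sightings, e.g. from ARP monitoring: (time, source IP, source MAC).
SIGHTINGS = [
    (datetime(2000, 9, 18, 18, 5), "10.0.0.21", "00:a0:c9:11:22:33"),
    (datetime(2000, 9, 18, 18, 40), "10.0.0.21", "00:a0:c9:de:ad:01"),
    (datetime(2000, 9, 18, 19, 30), "10.0.0.22", "00:a0:c9:44:55:66"),
    (datetime(2000, 9, 18, 18, 45), "10.0.0.99", "00:a0:c9:de:ad:01"),
]


def check_sighting(when, ip, mac, leases):
    """Return None if the sighting matches a live lease, else a reason string."""
    lease = leases.get(ip)
    if lease is None:
        return "no-lease"          # address in use that the server never assigned
    lease_mac, expires = lease
    if mac.lower() != lease_mac.lower():
        return "mac-mismatch"      # address held by a different hardware address
    if when > expires:
        return "lease-expired"     # holder kept the address past its lease
    return None


def audit(sightings, leases):
    """Collect every sighting that disagrees with the lease table."""
    findings = []
    for when, ip, mac in sightings:
        reason = check_sighting(when, ip, mac, leases)
        if reason:
            findings.append((when.isoformat(), ip, mac, reason))
    return findings


if __name__ == "__main__":
    for finding in audit(SIGHTINGS, LEASES):
        print(*finding)
```

A matching MAC is not proof of identity either, since hardware addresses can be changed; the check only surfaces disagreements between what was leased and what is seen on the wire.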
