[TOOL] Gobbler, DHCP Network Auditor

From: support@securiteam.com
Date: 03/09/03

  • Next message: support@securiteam.com: "[UNIX] Webmin/Usermin Session ID Spoofing Vulnerability "Episode 2"" 
    From: support@securiteam.com
To: list@securiteam.com
Date: 9 Mar 2003 19:37:07 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    In the US?

    Contact Beyond Security at our new California office
    housewarming rates on automated network vulnerability
    scanning. We also welcome ISPs and other resellers!

    Please contact us at: 323-882-8286 or ussales@beyondsecurity.com
    - - - - - - - - -

      Gobbler, DHCP Network Auditor
    ------------------------------------------------------------------------

    DETAILS

     <http://www.networkpenetration.com/downloads.html> Gobbler is a tool
    designed to audit various aspects of DHCP networks, from detecting if DHCP
    is running on a network to performing a denial of service attack. Gobbler
    also exploits DHCP and Ethernet, to allow distributed spoofed port
    scanning with the added bonus of being able to sniff the reply from a
    spoofed host. This tool is based on proof of concept code "DHCP Gobbler"
    available from networkpenetration.com and the
    <http://www.networkpenetration.com/dhcp_flaws.html> DHCP flaws paper.

    ADDITIONAL INFORMATION

    The tool can be downloaded from:
     <http://www.networkpenetration.com/downloads.html>
    http://www.networkpenetration.com/downloads.html

    The information has been provided by <mailto:
    root@networkpenetration.com> Steven Jones.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: support@securiteam.com: "[UNIX] Webmin/Usermin Session ID Spoofing Vulnerability "Episode 2""

    Relevant Pages

    • Re: networking private and public hosts questions
      ... some systmes in storage to create a test network. ... a WS to the child and attempted to pull an IP from the DHCP server, ...
      (microsoft.public.win2000.networking)
    • Re: A little FYI
      ... > fix for a different problem or end up making the same configuration ... Maybe faulty network equipment, ... > to look at what might interfere with DHCP. ... you were not here as I was trying to get the card to stay ...
      (comp.security.firewalls)
    • Re: Preventing DHCP from allocating IPs
      ... Each segment is physically separate with a Linux ... unknown MAC addresses firstly don't get a DHCP ... >> wants access to your network, they will have to come to you to obtain ...
      (Security-Basics)
    • Cable Connectivity
      ... address for the Network Card with network address 00402B2F688C. ... The DHCP Client service on your computer did not receive a response ... If connection with the network is not established using this APIP ... the DHCP Client service will try to contact the DHCP server ...
      (microsoft.public.windowsxp.general)
    • Re: Exchange not loading properly, since updates?
      ... No other DHCP services running on the network. ... >> here is the changelog text, ... >> Old Subnet Mask: 255.255.255.0 ...
      (microsoft.public.windows.server.sbs)