Re: protecting DHCP servers
From: Akop Pogosian (akopps@CSUA.Berkeley.EDU)
Date: 05/18/02
- Previous message: Seth Arnold: "Re: protecting DHCP servers"
- In reply to: Seth Arnold: "Re: protecting DHCP servers"
- Next in thread: Carl R. Friend: "Re: protecting DHCP servers"
- Next in thread: Scott Gifford: "Re: protecting DHCP servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 17 May 2002 19:14:13 -0700
From: Akop Pogosian <akopps@CSUA.Berkeley.EDU>
To: focus-linux@securityfocus.com
On Fri, May 17, 2002 at 06:22:54PM -0700, Seth Arnold wrote:
<snip>
> Akop, yes, an attacker can spoof a source 0.0.0.0 in order to attack
> your dhcp server, and generally, the only way to prevent this is some
> level of sanity checking IPs based on the _interfaces_ the packet came
> in through.
>
> e.g., if your dhcp server has two NICs:
>
> eth0 is connected to the untrusted network
> eth1 is connected to trusted subnet
Actually, both "trusted" subnets are connected to the internet using
other routers to which I don't really have access. So, this solution
won't work. I call them trusted only because I "trust" that no
computer on those subnets will try to exploit anything on the server.
-akop
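
The per-interface sanity check described in the quoted text, sketched as an added example that is not part of the original message or of any poster's configuration. The interface names come from the quoted text; the 192.0.2.0/24 subnet, the policy table and the function name `ingress_ok` are assumptions made for illustration.

```python
import ipaddress

# Constructed policy for packets addressed to the DHCP service (UDP port 67).
# eth0/eth1 are the names used in the quoted message; the subnet is a
# documentation range chosen for this example, not a value from the thread.
POLICY = {
    "eth0": {"sources": [], "dhcp_clients": False},  # untrusted side
    "eth1": {"sources": [ipaddress.ip_network("192.0.2.0/24")],
             "dhcp_clients": True},                  # trusted subnet
}
UNSPECIFIED = ipaddress.ip_address("0.0.0.0")
DHCP_SERVER_PORT, DHCP_CLIENT_PORT = 67, 68


def ingress_ok(iface, src, sport, dport):
    """Return True if a UDP packet for the DHCP server passes the interface check."""
    policy = POLICY.get(iface)
    if policy is None or dport != DHCP_SERVER_PORT:
        return False
    src = ipaddress.ip_address(src)
    if src == UNSPECIFIED:
        # A 0.0.0.0 source is only plausible from an unconfigured client,
        # sent from port 68 on an interface that actually serves clients.
        return policy["dhcp_clients"] and sport == DHCP_CLIENT_PORT
    # Any other source must belong to a subnet expected on this interface.
    return any(src in net for net in policy["sources"])


if __name__ == "__main__":
    # Constructed sample packets: (interface, source IP, source port, dest port)
    samples = [
        ("eth1", "0.0.0.0", 68, 67),      # new client on the trusted subnet
        ("eth0", "0.0.0.0", 68, 67),      # 0.0.0.0 source arriving on the untrusted side
        ("eth0", "192.0.2.10", 68, 67),   # trusted address seen on the wrong interface
        ("eth1", "198.51.100.5", 68, 67), # address not expected on eth1
    ]
    for pkt in samples:
        print(pkt, "ACCEPT" if ingress_ok(*pkt) else "DROP")
```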