Re: DoS against DHCP
From: Russell Handorf (firstname.lastname@example.org)
Date: Wed, 30 Jan 2002 18:34:35 -0500
To: RSnake <email@example.com>, firstname.lastname@example.org
From: Russell Handorf <email@example.com>
if [ $# -eq 0 ]
echo "You're missing the arguement of how many times for me to
while [ $counter -le $1 ]
ifconfig eth0 down
coutner=`expr $counter + 1`
Contingent on you having changemac or some other way to randomize a new mac
At 02:20 PM 1/30/2002 -0800, you wrote:
> I came up with this about a year back at DefCon, and told some
>in hopes that either they or I would do something with it, but none of us had
>time so here goes, and please feel free to write this yourself. DoS against
> A DHCP server has only a certain amount of addresses available. If
>you (a single malicious machine connected to the network) actively take up all
>available IP address, and compete against the machines that are currently
>connected you should be able to completely take all available IP addresses and
>block access to the DHCP server. You could do this by opening many interfaces
>on a linux box and asking for many DHCP addresses and lying that you connected
>before any competing machines (or DoS the competing machine directly until the
>DHCP server releases the IP address to you).
> This combined with war-driving could take down any DHCP IP address
>block within wireless range. Kinda nasty, but only effective as long as you
>stay connected to the network, so a compromised machine on the network
>necessary for extended DoS. Probably the way around this would be a) some
>of authentication to log into the DHCP server and or b) using leap or
>similar. MAC addresses are spoofable, so it probably wouldn't be a good idea
>to limit the number of times a particular MAC address connects to the network,
>as that would just be a sloppy obfuscation. DHCP has always seemed like a bad
>idea to me. Sorry if this seems obvious.
oooo, shiney ::Wanders after it::
"Computer games don't affect kids, I mean if Pacman affected us as kids,
we'd all be running around in darkened rooms, munching pills and listening
to repetitive music." ~unknown
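
Added example, not part of the original thread: a detection sketch for the lease exhaustion described above. Because the quoted post notes that MAC addresses are spoofable, it counts never-before-seen MACs requesting leases inside a short window rather than limiting any single MAC. The ISC dhcpd-style syslog format, the host name "gw", the thresholds and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Assumed dhcpd-style syslog lines: "DHCPDISCOVER from <mac> via <if>" and
# "DHCPREQUEST for <ip> from <mac> via <if>".
LINE_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dhcpd(?:\[\d+\])?: "
    r"DHCP(?:DISCOVER|REQUEST)(?: for \S+)? from ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})",
    re.IGNORECASE)

def starvation_alerts(log_text, window_s=10, max_new_macs=5, year=2002):
    """Return [(timestamp, count)] each time more than max_new_macs
    never-before-seen MACs ask for a lease within window_s seconds."""
    seen, recent, alerts = set(), deque(), []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # Syslog omits the year, so it is supplied by the caller.
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        mac = m.group(2).lower()
        if mac in seen:          # renewals and retries are not new clients
            continue
        seen.add(mac)
        recent.append(ts)
        while recent and ts - recent[0] > timedelta(seconds=window_s):
            recent.popleft()
        if len(recent) > max_new_macs:
            alerts.append((ts, len(recent)))
    return alerts

def constructed_sample():
    """Constructed log: three ordinary clients, then eight new MACs in 8 s."""
    lines = [
        "Jan 30 18:30:02 gw dhcpd: DHCPDISCOVER from 00:10:5a:11:22:33 via eth0",
        "Jan 30 18:30:03 gw dhcpd: DHCPREQUEST for 192.168.1.20 from 00:10:5a:11:22:33 via eth0",
        "Jan 30 18:31:10 gw dhcpd: DHCPDISCOVER from 00:50:04:aa:bb:01 via eth0",
        "Jan 30 18:32:45 gw dhcpd: DHCPDISCOVER from 00:a0:c9:0c:0d:0e via eth0",
    ]
    lines += [f"Jan 30 18:34:{35 + i:02d} gw dhcpd: DHCPDISCOVER from 02:00:00:00:00:{i:02x} via eth0"
              for i in range(8)]
    return "\n".join(lines)

if __name__ == "__main__":
    for ts, n in starvation_alerts(constructed_sample()):
        print(f"{ts:%b %d %H:%M:%S} {n} new MACs within window: possible lease exhaustion")
```

The window and threshold need tuning against the normal rate of new clients on the segment; a busy wireless network at the start of a working day can look like a burst.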