Re: DoS against DHCP

From: Russell Handorf (
Date: 01/31/02

Date: Wed, 30 Jan 2002 18:34:35 -0500
To: RSnake <>,
From: Russell Handorf <>

if [ $# -eq 0 ]
         echo "You're missing the arguement of how many times for me to
         exit 1
while [ $counter -le $1 ]
         ifconfig eth0 down
         ./changemac -r
         ifconfig eth0
         coutner=`expr $counter + 1`
echo "done"

Contingent on you having changemac or some other way to randomize a new mac


At 02:20 PM 1/30/2002 -0800, you wrote:

> I came up with this about a year back at DefCon, and told some
> friends
>in hopes that either they or I would do something with it, but none of us had
>time so here goes, and please feel free to write this yourself. DoS against
> A DHCP server has only a certain amount of addresses availible. If
>you (a single malicious machine connected to the network) actively take up all
>availible IP address, and compete against the machines that are currently
>connected you should be able to completely take all availible IP addresses and
>block access to the DHCP server. You could do this by opening many interfaces
>on a linux box and asking for many DHCP addresses and lying that you connected
>before any competing machines (or DoS the competing machine directly until the
>DHCP server releases the IP address to you).
> This combined with war-driving could take down any DHCP IP address
>block within wireless range. Kinda nasty, but only effective as long as you
>stay connected to the network, so a compromised machine on the network
>might be
>necessary for extended DoS. Probably the way around this would be a) some
>of authentication to log into the DHCP server and or b) using leap or
>similar. MAC addresses are spoofable, so it probably wouldn't be a good idea
>to limit the number of times a particular MAC address connects to the network,
>as that would just be a sloppy obfuscation. DHCP has always seemed like a bad
>idea to me. Sorry if this seems obvious.

Russell Handorf
oooo, shiney ::Wanders after it::

"Computer games don't affect kids, I mean if Pacman affected us as kids,
we'd all be running around in darkened rooms, munching pills and listening
to repetitive music." ~unknown