Re: dhcp
From: Alok Menghrajani (alok.menghrajani@epfl.ch)Date: 01/16/02
- Next message: Kasper Dupont: "Re: Acces ftp passive mode with iptables"
- Previous message: Marc Greene: "Re: strange nmap scan"
- In reply to: Kasper Dupont: "Re: dhcp"
- Next in thread: Kasper Dupont: "Re: dhcp"
- Reply: Kasper Dupont: "Re: dhcp"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Alok Menghrajani" <alok.menghrajani@epfl.ch> Date: Wed, 16 Jan 2002 22:57:50 +0100
I'm a student at the epfl (swiss it). We have about 10000 computers on the
lan, and there are ethernet plugs all over the place (anybody
can just come and plug in their PC in the class rooms, labs or corridors).
How come the network is up and running. It seems very easy to
break it down. I don't see the point of doing this, but if somebody does,
then it can be a real mess, because students often have exams where they
need the pc, or all the lab computers can be down, all the backup systems,
etc... Basically what I mean is that everything is on the same LAN, and the
dhcp server is making the entire network unsecure. I admit that without a
dhcp server, configuring 10'000 computers would be really a big task, but
isn't there any other alternatives ?
Alok.
Kasper Dupont <kasperd@daimi.au.dk> wrote in message
news:3C44B9AE.40C88EDD@daimi.au.dk...
> Alok Menghrajani wrote:
> >
> > Hi,
> >
> > Isn't it dangerous to use dhcp on a network ? Suppose I have physical
access
> > to a LAN which has got a dhcp server (eg my university). If I connect my
> > computer to the LAN and run a misconfigured dhcp server, isn't it going
to
> > breakdown the network ? The answer is probably no, otherwise people
wouldn't
> > use dhcp. But I don't understand why there can't be any conflicts.
>
> I think a misconfigured dhcp server could break the normal network
> operation. But I don't consider that a dhcp problem because I think
> a misconfigured host could break network operation even without
> runing a dhcp server. I have tried to accidentially configure two
> computers on the same netsegment to use the same IP address.
>
> Don't allow untrusted hosts on an important network.
>
> --
> Kasper Dupont
> For sending spam use mailto:u972183+6138@daimi.au.dk
- Next message: Kasper Dupont: "Re: Acces ftp passive mode with iptables"
- Previous message: Marc Greene: "Re: strange nmap scan"
- In reply to: Kasper Dupont: "Re: dhcp"
- Next in thread: Kasper Dupont: "Re: dhcp"
- Reply: Kasper Dupont: "Re: dhcp"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
