Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP
From: Skip Carter <skip () taygeta com>
Date: Wed, 21 Sep 2005 12:38:35 -0700

DHCP allocates IP addresses dynamically.  How does DHCP know which (fixed 
printer) IP addresses to stay away from?  Does anyone know of a way to get 
this list?

Well, actually that depends upon how you configure the DHCP server.

You can configure it to have a MAC address whitelist and to always give
a specific MAC address a specific IP address (a bit more secure and
makes auditing network events much easier as well).

The ISC DHCP server would have lines such as this:

host zaurak {
  hardware ethernet 00:e0:98:b0:e1:7d;
  fixed-address zaurak.vix.com;

for each allowed MAC address.

With or without a whitelist, by defining address pools, you can tell
the server which addresses to hand out and which ones to not use.

Again for the ISC DHCP server config file would use lines such as
the following for each dynamic block:

subnet netmask {
  option name-servers bb.home.vix.com, gw.home.vix.com;
  option domain-name "vix.com";
  option routers;
  option subnet-mask;
  option broadcast-address;
  default-lease-time 600;
  max-lease-time 7200;

(to allocate .26 to .30)


 Dr. Everett (Skip) Carter           Phone: 831-641-0645 FAX:  831-641-0647
 Taygeta Network Security Services   email: skip () taygeta net
 1340 Munras Ave., Suite 314         WWW: http://www.taygeta.net/
 Monterey, CA. 93940            

Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]