<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Re: Possible DHCP DOS attack

Re: Possible DHCP DOS attack

From: Sen_Ml Sen_Ml <sen_ml_at_ECCOSYS.COM>
Date: Fri, 4 Feb 2000 17:10:23 +0900

paul> 3)You should always be able to track an offending mac down
paul> to at least a switch port, and if you are using managed
paul> hubs, then a hub port too. The thing is that you are making
paul> up your MACs in this case, and they are only used very
paul> briefly, so they will likely have timed out in the switches
paul> and hubs by the time the admin gets around to looking for
paul> them.

as far as the dhcp dos attack is concerned, does configuring the dhcp
servers to only hand out ip addresses to registered mac addresses work
for you? my guess would be no ;-)

it doesn't do anything to stop people from just assigning themselves
an ip address and it's a pain to administer for large sites, but fwiw
it's what i do for small networks.
Received on Feb 04 2000

This message: [ Message body ]
Next message: Seth R Arnold: "Re: DHCP and Security"
Previous message: Blue Boar: "Re: Possible DHCP DOS attack"
In reply to: Paul Keefer: "Re: Possible DHCP DOS attack"
Next in thread: Vladimir Dubrovin: "Re: Possible DHCP DOS attack"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos