Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: Possible DHCP DOS attack

Re: Possible DHCP DOS attack

From: Vladimir Dubrovin <vlad_at_SANDY.RU>
Date: Fri, 4 Feb 2000 12:04:41 +0300

Hello Tal Hornstein,

03.02.2000 11:02, you wrote: Possible DHCP DOS attack;

T> 2- I would assume any security admin in his right mind will not allow DHCP
T> request from the Internet through the Firewall, thus such an attack can only
T> come from within.

DHCP requests cann't come from Internet. Suport of BootP relay agent
(RFC 1532/1542) is required for routing requests between 2 networks.
DHCP requests use 0.0.0.0 as both SRC and DST address.

P.S. Someone said DHCP "pings" old leases. He's wrong. DHCP will never
release lease before it's expired.

  +=-=-=-=-=-=-=-=-=+
  |Vladimir Dubrovin|
  | Sandy Info, ISP |
  +=-=-=-=-=-=-=-=-=+
Received on Feb 04 2000

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos