Security Basics mailing list archives
Re: DHCP
From: "Tim Clewlow" <tim () clewlow org>
Date: Sat, 23 May 2009 06:05:07 +1000 (EST)
The best way to go about this would be address filtering right? You should be able to setup an ACL with your allowed mac addresses getting IPs and any others being ignored.
DHCP is not a security system. It is trivial for any *nix system to extract valid MAC / IP pairs that are currently in use. Then all you have to do is wait for the traffic to stop and pretend to be that pair. I repeat, DHCP is not a security system. Cheers, Tim. -- The code that never executes at all is the fastest. ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- RE: DHCP, (continued)
- Re: DHCP Shreyas Zare (May 22)
- Message not available
- Re: DHCP Shreyas Zare (May 22)
- Message not available
- Re: DHCP Tim Clewlow (May 22)