Bugtraq mailing list archives

Re: BOOTP/DHCP security

From: alan () lxorguk ukuu org uk (Alan Cox)
Date: Thu, 28 Nov 1996 22:15:28 +0000

the servers IP address.  This forces the attacker to use a network
card with a configurable MAC and usually stops attacks from machines
belonging to the network (unless you've got this kind of card
installed).


No. All the cards (in the PC world anyway) that don't a configurable
mac address can still be dumped into promisc mode and fake source addresses.
In effect the unprogrammable cards (very rare now anyway) simply lack the
ability to set a receive filter.

Alan

Current thread:

Re: BOOTP/DHCP security itudps (Nov 27)
- <Possible follow-ups>
- Re: BOOTP/DHCP security itudps (Nov 27)
- Re: BOOTP/DHCP security Benedikt Stockebrand (Nov 27)
  - Re: BOOTP/DHCP security itudps (Nov 27)
  - CIAC Bulletin H-08: lpr Buffer Overrun Vulnerability David Crawford (Nov 27)
  - Re: BOOTP/DHCP security Valdis.Kletnieks () vt edu (Nov 28)
  - Irix: more suid fun/exploits Yuri Volobuev (Nov 28)
  - Re: BOOTP/DHCP security Alan Cox (Nov 28)