Vulnerability Development mailing list archives
Re: Possible DHCP DOS attack
From: Larry.Ogrodnek () DOWJONES COM (Ogrodnek, Larry)
Date: Thu, 3 Feb 2000 11:17:51 -0500
SOTO. Please see RFC 2131. This is being addressed in part in the IETF draft "Authentication for DHCP Messages" <draft-ietf-dhc-authentication-12.txt>. These documents among others can be found at http://www.dhcp.org.

One could also monitor their network for unusual dhcp traffic (ala ids) as well as set up redundant dhcp servers.

Darin Davis has a perl script available that can be used to exhaust ip addresses (http://www.flash.net/~da_davis/code/gendhcp.p). The script apparently was designed to stress test his dhcp servers.

-l

-----Original Message-----
From: Paul Keefer [mailto:paul () KEEFER ORG]
Sent: Wednesday, February 02, 2000 4:20 PM
To: VULN-DEV () SECURITYFOCUS COM
Subject: Possible DHCP DOS attack

I hope this is the right forum for this. I was contemplating DHCP and how many large organizations rely on it today, and I had a vision so to speak. What if someone were to use up all of the available leases? That would essentially prevent anyone else from obtaining an address.

That got me thinking to how easy it would be to very quickly eat up all the addresses on a server. It seems like it would be trivial to use a linux box to use proxy arping to send out a large number of DHCP requests until the server has no more to give out. This of course assumes that the network is not using switches that prevent multiple MACs per port, and that the DHCP servers are not configured to give IPs out only to specific MACs or something like that.

One thing that would make this particularly insidious is that the entire attack would take only moments, and would last until the DHCP database was purged or the leases timed out.

Has this already been addressed? Am I missing something fundamental about DHCP?
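The monitoring suggested in the reply above (watching for unusual DHCP traffic), as an added example that is not part of the original thread: it scans DHCP server log lines and alerts when many never-before-seen MAC addresses ask for leases within a short window, or when the server reports an empty pool. The ISC dhcpd-style syslog format, the thresholds, the function name and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Assumed log shape (ISC dhcpd-style syslog); adjust the pattern for your server.
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dhcpd(?:\[\d+\])?: "
    r"DHCP(?:DISCOVER|REQUEST)\b.*? from (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b"
    r".*? via (?P<ifc>[^\s:]+)", re.I)

def detect_lease_exhaustion(lines, window_s=10, max_new_macs=5, year=2000):
    """Return (time, interface, kind) alerts for bursts of new MACs or an empty pool."""
    seen = set()    # (interface, mac) pairs already known as clients
    recent = {}     # interface -> deque of first-seen times inside the window
    alerts = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so one is supplied by the caller.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ifc, mac = m["ifc"], m["mac"].lower()
        if "no free leases" in line:
            alerts.append((ts, ifc, "pool-exhausted"))
        if (ifc, mac) in seen:
            continue    # retries and renewals from known clients are normal
        seen.add((ifc, mac))
        q = recent.setdefault(ifc, deque())
        q.append(ts)
        while ts - q[0] > timedelta(seconds=window_s):
            q.popleft()
        if len(q) > max_new_macs:
            alerts.append((ts, ifc, "new-mac-burst"))
            q.clear()   # report each burst once
    return alerts

# Constructed sample: one ordinary client, then eight new MACs within two seconds.
SAMPLE = [
    "Feb  3 11:17:00 gw dhcpd: DHCPDISCOVER from 00:a0:c9:11:22:33 via eth0",
    "Feb  3 11:17:30 gw dhcpd: DHCPREQUEST for 10.0.0.21 from 00:a0:c9:11:22:33 via eth0",
] + [
    f"Feb  3 11:20:0{i // 4} gw dhcpd: DHCPDISCOVER from 02:00:00:00:00:{i:02x} via eth0"
    for i in range(8)
] + [
    "Feb  3 11:20:02 gw dhcpd: DHCPDISCOVER from 02:00:00:00:00:ff via eth0: "
    "network 10.0.0.0/24: no free leases",
]

if __name__ == "__main__":
    for when, ifc, kind in detect_lease_exhaustion(SAMPLE):
        print(when.time(), ifc, kind)
```

Keying the counters by interface keeps a burst behind one relay or segment from being diluted by normal traffic elsewhere.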