lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.58.0410130750420.12184@gandalf.hugo.vanderkooij.org>
From: hvdkooij at vanderkooij.org (Hugo van der Kooij)
Subject: [SPAM] Stealing DHCP Leases

On Tue, 12 Oct 2004, Ian Holm wrote:

> I was noticing that the number of DHCP address in the DHCP cache was running
> low so I decided to check which computers were assigned to each address. To
> my horror I saw that there were 81 addresses assigned at exactly the same
> time and all expired at exactly the same time. I'm assuming that these were
> all assigned to the same machine. How is this possible? Where could I learn
> about this and how to prevent it?

Any decent log will show you the MAC level address. So go out and
investigate the machine.

There are plenty of known and documented ways of depleting a DHCP pool in
microseconds. A simple google search will do the trick.

Hugo.

-- 
	I hate duplicates. Just reply to the relevant mailinglist.
	hvdkooij@...derkooij.org		http://hvdkooij.xs4all.nl/
		Don't meddle in the affairs of magicians,
		for they are subtle and quick to anger.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ