[24631] in North American Network Operators' Group
Re: Secure DHCP?
daemon@ATHENA.MIT.EDU (Daniel Senie)
Mon Jul 26 10:16:56 1999
Date: Mon, 26 Jul 1999 10:14:03 -0400
From: Daniel Senie <dts@senie.com>
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
I'd like to hear more about the filtering capabilities of the cable
modems. Is there somewhere I could find the provider-oriented
documentation (as opposed to the two-pager given to consumers with the
modems)? I'd like to see if additional uses of this filtering could be
made which would increase the user's security (e.g. filtering out ports
137-139 TCP and UDP to prevent neighbors from attacking neighbors), and
that of the Internet (ingress filtering).
I believe you're correct that sufficient tools exist today to protect
DHCP in cable modem and switched Ethernet environments. I don't believe
there's sufficient knowledge of that information spread around. As such,
I was thinking of writing an informational RFC on the subject, and would
be interested in having your input, especially from the cable modem
plant angle. Interested?
Dan
--
-----------------------------------------------------------------
Daniel Senie dts@senie.com
Amaranth Networks Inc. http://www.amaranthnetworks.com
