[3706] in bugtraq
Re: BOOTP/DHCP security
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Nov 28 13:43:30 1996
Date: Thu, 28 Nov 1996 04:09:57 -0500
Reply-To: Valdis.Kletnieks@vt.edu
From: Valdis.Kletnieks@vt.edu
X-To: Benedikt Stockebrand <benedikt@devnull.ruhr.de>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: Your message of "Wed, 27 Nov 1996 21:37:58 +0100."
<87k9r79sux.fsf@devnull.ruhr.de>

On Wed, 27 Nov 1996 21:37:58 +0100, you said:

> (1) Make this machine check for bogus MACs in its ARP cache mapped to
> the server's IP address. This forces the attacker to use a network
> card with a configurable MAC and usually stops attacks from machines
> belonging to the network (unless you've got this kind of card
> installed).

Umm.. are there cards that DON'T support changing the MAC address?
I know that any card that did older DECnet releases *had* to be
able to do this.

For another good giggle, find a manager who's just learned about
the fact that packet sniffers exist, and point out to him that
the Ethernet spec *requires* support for promiscuous mode.
Watch him shriek "AAAARRGGGGHH!!!!" and call for the return
of IBM3270s hanging off coax. Ever tried to install a sniffer
on an IBM bus/tag pair? Kind of hard to do without the operator
noticing... ;)

Valdis Kletnieks
Computer Systems Engineer
Virginia Tech
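
The ARP cache check from point (1) of the quoted message, as an added example that is not part of the original thread: it parses an ARP table in the Linux /proc/net/arp layout and reports entries where the server's IP maps to a MAC outside an expected set. The sample table, the addresses and the function names are constructed for illustration; the second table shows the limit raised in the reply, where a host that has set its MAC to the server's passes the check.

```python
ATF_COM = 0x02  # Linux ARP flag: entry is complete (MAC has been resolved)

# Constructed sample in /proc/net/arp layout, using documentation addresses.
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.0.2.10       0x1         0x2         00:00:5e:00:53:aa     *        eth0
192.0.2.1        0x1         0x2         00:00:5E:00:53:01     *        eth0
192.0.2.1        0x1         0x2         00:00:5e:00:53:66     *        eth1
192.0.2.20       0x1         0x0         00:00:00:00:00:00     *        eth0
"""

# Constructed: another host has been configured with the server's own MAC.
SPOOFED_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.0.2.1        0x1         0x2         00:00:5e:00:53:01     *        eth1
"""


def parse_arp(text):
    """Return (ip, mac, device) for every complete entry in the table."""
    entries = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue                            # ignore malformed lines
        ip, _hw_type, flags, mac, _mask, dev = fields
        if int(flags, 16) & ATF_COM:            # drop unresolved entries
            entries.append((ip, mac.lower(), dev))
    return entries


def check_server(entries, server_ip, expected_macs):
    """Return entries that map server_ip to a MAC not in expected_macs."""
    expected = {m.lower() for m in expected_macs}
    return [e for e in entries if e[0] == server_ip and e[1] not in expected]


if __name__ == "__main__":
    known = ["00:00:5e:00:53:01"]               # assumed MAC of the real server
    for ip, mac, dev in check_server(parse_arp(SAMPLE_ARP), "192.0.2.1", known):
        print(f"ALERT: {ip} is at unexpected MAC {mac} on {dev}")
    # A cloned MAC is indistinguishable to this check and yields no alert:
    print("spoofed table alerts:",
          check_server(parse_arp(SPOOFED_ARP), "192.0.2.1", known))
```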