[dhcwg] DHCP Security threat.
Senthil Kumar B <ksenthil@india.hp.com> Thu, 06 March 2003 15:48 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA21742; Thu, 6 Mar 2003 10:48:13 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h26FtGO15728; Thu, 6 Mar 2003 10:55:16 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h26FqSO15565 for <dhcwg@optimus.ietf.org>; Thu, 6 Mar 2003 10:52:28 -0500
Received: from palrel12.hp.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA21051 for <dhcwg@ietf.org>; Thu, 6 Mar 2003 10:40:53 -0500 (EST)
Received: from iconsrv5.india.hp.com (iconsrv5.india.hp.com [15.42.229.13]) by palrel12.hp.com (Postfix) with ESMTP id DE8B61C00CAC for <dhcwg@ietf.org>; Thu, 6 Mar 2003 07:42:55 -0800 (PST)
Received: from india.hp.com (nt23073.india.hp.com [15.42.230.73]) by iconsrv5.india.hp.com (8.9.3/8.9.3 SMKit7.02) with ESMTP id VAA01001 for <dhcwg@ietf.org>; Thu, 6 Mar 2003 21:12:13 +0530 (IST)
Message-ID: <3E676D5E.8060009@india.hp.com>
Date: Thu, 06 Mar 2003 21:16:38 +0530
From: Senthil Kumar B <ksenthil@india.hp.com>
Organization: Hewlett Packard ISO
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: dhcwg <dhcwg@ietf.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
Subject: [dhcwg] DHCP Security threat.
Sender: dhcwg-admin@ietf.org
Errors-To: dhcwg-admin@ietf.org
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Id: <dhcwg.ietf.org>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
RFC 2131 doesn't mandate the DHCP server to check whether a request is from a standard client port(68). If this is being the case, a normal user can just write a program and send continuous DHCP request(series of DHCPDISCOVER, DHCPREQUEST) without bothering the reply from the server which eventually causes the IP address pool to exhaust. It's a DoS. What is the mechanism used to prevent these kind of DoS attacks? I understand "Authentication to DHCP messages" RFC Shares key information between reliable clients which the administrator will cofigure. But again, one out of the reliable clients can do this job and exhaust the pool which is simply a DoS. Please advise how should it be handled. Thanks, Senthil K Bala. _______________________________________________ dhcwg mailing list dhcwg@ietf.org https://www1.ietf.org/mailman/listinfo/dhcwg
- [dhcwg] DHCP Security threat. Senthil Kumar B
- RE: [dhcwg] DHCP Security threat. Bernie Volz (EUD)