|
DHCP is a very commonly used protocol for the automatic assignment of TCP/IP configuration options. DHCP is defined in RFC 2131. "The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCPIP network. DHCP is based on the Bootstrap Protocol (BOOTP) [7], adding the capability of automatic allocation of reusable network addresses and additional configuration options [19]. DHCP captures the behavior of BOOTP relay agents [7, 21], and DHCP participants can interoperate with BOOTP participants [9]." DHCP extensions for IPv6 is defined in RFC 3315. Common values include:
DHCP is not without its issues, here are some of them:
Please contact us if you have any comments or would like to add to this diary entry. A reader wrote in "PiXiE uses Wake-On-LAN to turn on machines after they power down, then feeds them a rootkit over BOOTP when they try to network boot (many systems automatically try network boot when woken-on-LAN." A presentation can be found here: PiXiE: A Self-Propagating Network Boot Virus for Windows Cheers, |
Adrien de Beaupre 353 Posts ISC Handler Oct 6th 2009 |
| Thread locked Subscribe |
Oct 6th 2009 1 decade ago |
|
Now every switch supports dhcp snooping, preventing untrusted ports from answering bogus answers. With this option, what remains valid from your list?
|
Anonymous |
| Quote |
Oct 7th 2009 1 decade ago |
|
Hi justme, most modern switches support a number of L2 and L3 defensive mechanisms. Not all locations have them enabled. In a number of organizations quite a few of these attacks remain devastatingly effective. IMHO. Cheers, Adrien
|
Adrien de Beaupre 353 Posts ISC Handler |
| Quote |
Oct 22nd 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
