Date: Mon, 28 Aug 1995 11:10:11 -0400 (EDT) From: "Jonathan M. Bresler" <jmb@kryten.Atinc.COM> To: SimsS@Infi.Net Cc: hackers@freebsd.org, apuzzo@alumni.cs.colorado.edu, davep@extendsys.com, rgrimes@gndrsh.aac.dev.com Subject: Re: ARP'ing [Summary of responses] Message-ID: <Pine.3.89.9508281120.G443-0100000@kryten.atinc.com> In-Reply-To: <199508281259.FAA29765@freefall.FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
there may not be a managment tool for this at present. i dont know squat about DHCP, but (what a fool i am) set up a box that is aliased to all unused ip addresses when DHCP assigns an address, delete that alias when the address comes free again, reinstate the alias (some code needs to be written for the ipc, of course) this will prevent ip address theft and allow DHCP to work > The problem occurs when J. Random Hacker configures his new FreeBSD box to > add it to the net. He "knows" that the net address is > "192.168.254.something" so he says to himself, "OK, it's 1:30 in the morning, > I guess I'll ifconfig my net adapter as "192.168.254.130." Boots up and goes. > > A few minutes (or hours) later the DHCP server offers a "new" DHCP client the > same address (192.168.254.130) because it's the first free entry in it's > dynamic pool. (N.B.: DHCP servers don't have a way to monitor addresses > which are "in use" but weren't asssigned by the DHCP server.) The client > accepts the offered address and (at least with WinDoze clients) attempts to > ARP the wire for "192.168.254.130" since it doesn't explicitly "trust" the server. > Whoops! The client "discovers" that the address is already in use! Jonathan M. Bresler jmb@kryten.atinc.com | Analysis & Technology, Inc. FreeBSD Postmaster jmb@FreeBSD.Org | 2341 Jeff Davis Hwy play go. | Arlington, VA 22202 ride bike. hack FreeBSD.--ah the good life | 703-418-2800 x346
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.3.89.9508281120.G443-0100000>