From owner-freebsd-hackers Mon Aug 28 08:19:17 1995
Return-Path: hackers-owner
Received: (from majordom@localhost) by freefall.FreeBSD.org (8.6.11/8.6.6) id IAA07823 for hackers-outgoing; Mon, 28 Aug 1995 08:19:17 -0700
Received: from kryten.atinc.com (kryten.Atinc.COM [198.138.38.7]) by freefall.FreeBSD.org (8.6.11/8.6.6) with ESMTP id IAA07809 for ; Mon, 28 Aug 1995 08:19:09 -0700
Received: (jmb@localhost) by kryten.atinc.com (8.6.9/8.3) id LAA03792; Mon, 28 Aug 1995 11:10:13 -0400
Date: Mon, 28 Aug 1995 11:10:11 -0400 (EDT)
From: "Jonathan M. Bresler"
Subject: Re: ARP'ing [Summary of responses]
To: SimsS@Infi.Net
cc: hackers@freebsd.org, apuzzo@alumni.cs.colorado.edu, davep@extendsys.com, rgrimes@gndrsh.aac.dev.com
In-Reply-To: <199508281259.FAA29765@freefall.FreeBSD.org>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: hackers-owner@freebsd.org
Precedence: bulk

there may not be a management tool for this at present.
i don't know squat about DHCP, but (what a fool i am)

	set up a box that is aliased to all unused ip addresses
	when DHCP assigns an address, delete that alias
	when the address comes free again, reinstate the alias
	(some code needs to be written for the ipc, of course)

this will prevent ip address theft and allow DHCP to work

> The problem occurs when J. Random Hacker configures his new FreeBSD box to
> add it to the net. He "knows" that the net address is
> "192.168.254.something" so he says to himself, "OK, it's 1:30 in the morning,
> I guess I'll ifconfig my net adapter as "192.168.254.130." Boots up and goes.
>
> A few minutes (or hours) later the DHCP server offers a "new" DHCP client the
> same address (192.168.254.130) because it's the first free entry in its
> dynamic pool. (N.B.: DHCP servers don't have a way to monitor addresses
> which are "in use" but weren't assigned by the DHCP server.) The client
> accepts the offered address and (at least with WinDoze clients) attempts to
> ARP the wire for "192.168.254.130" since it doesn't explicitly "trust" the server.
> Whoops! The client "discovers" that the address is already in use!

Jonathan M. Bresler        jmb@kryten.atinc.com | Analysis & Technology, Inc.
FreeBSD Postmaster         jmb@FreeBSD.Org      | 2341 Jeff Davis Hwy
play go.                                        | Arlington, VA 22202
ride bike. hack FreeBSD.--ah the good life      | 703-418-2800 x346
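
The alias bookkeeping proposed in the message above, as an added example that is not part of the original post or of any FreeBSD tool: it computes which `ifconfig` alias commands the guard box would need so that it holds exactly the unleased pool addresses. The interface name `ed0`, the function names and the four-address pool are assumptions made for illustration; how lease events reach this code (the IPC the post mentions) is out of scope.

```python
import ipaddress

IFACE = "ed0"  # assumed interface name on the guard box (not from the post)


def pool_range(first, last):
    """Expand an inclusive first..last range into a set of IPv4 addresses."""
    lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
    if lo > hi:
        raise ValueError("pool range is reversed")
    return {ipaddress.IPv4Address(n) for n in range(lo, hi + 1)}


def plan_aliases(pool, leased, held, iface=IFACE):
    """Return the ifconfig commands that leave the guard box holding exactly
    the pool addresses with no active lease. Nothing is executed here."""
    leased = {ipaddress.IPv4Address(a) for a in leased}
    held = {ipaddress.IPv4Address(a) for a in held}
    # Only touch aliases that are leased or belong to the pool, so the guard
    # box's own primary address and unrelated aliases are left alone.
    release = held & leased           # now leased to a client: stop answering ARP
    claim = (pool - leased) - held    # free again: occupy it so nobody squats
    # Releases are emitted first: a client that ARP-probes its offered address
    # while the alias is still up would see the address as already in use.
    cmds = [f"ifconfig {iface} inet {a} -alias" for a in sorted(release)]
    cmds += [f"ifconfig {iface} inet {a} netmask 255.255.255.255 alias"
             for a in sorted(claim)]
    return cmds


if __name__ == "__main__":
    # Constructed sample: a four-address dynamic pool, one address just leased.
    pool = pool_range("192.168.254.128", "192.168.254.131")
    for line in plan_aliases(pool, leased={"192.168.254.130"}, held=pool):
        print(line)
```

For the scheme to work, the release has to be applied before the DHCP server sends its offer, not after the lease is recorded.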