Date: Thu, 27 Sep 2001 11:52:42 -0600 From: Brett Glass <brett@lariat.org> To: "WebSec WebSec" <secure21st@hotmail.com>, fabre@matranet.com Cc: will@physics.purdue.edu, security@FreeBSD.ORG Subject: Re: LaBrea for BSD? Message-ID: <4.3.2.7.2.20010927114815.00d12100@localhost> In-Reply-To: <F43CHusMjQHtMFaukyC00002c7d@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This could worm but would require some hooks in the ISC DHCP server code. There'd still be a problem, though, if you were using fixed IPs and no DHCP. Here's the scenario: You turn off your workstation; the tarpit claims its address; you come in next morning and turn it on; your workstation reports that it is kicking itself off the network because it has ARPed its IP address and found it in use by someone else. (Windows machines with fixed IPs always do this; other operating systems might as well.) --Brett At 11:43 AM 9/27/2001, WebSec WebSec wrote: >Here is an idea, > >How about LaBrea for BSD (installed on a DHCP Server) automatically takes all IPs and releases them as clients request those IPs? > >Another idea is that LaBrea server installed on DHCP "informs" LaBrea clients which IPs to emulate.... > > > >Serg Perfi - YDAP security consulting group To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20010927114815.00d12100>