From owner-freebsd-security  Thu Sep 27 11: 6: 4 2001
Delivered-To: freebsd-security@freebsd.org
Received: from hotmail.com (f135.law3.hotmail.com [209.185.241.135])
	by hub.freebsd.org (Postfix) with ESMTP id E3B9737B426
	for <security@FreeBSD.ORG>; Thu, 27 Sep 2001 11:05:58 -0700 (PDT)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
	 Thu, 27 Sep 2001 11:05:58 -0700
Received: from 170.253.240.1 by lw3fd.law3.hotmail.msn.com with HTTP;
	Thu, 27 Sep 2001 18:05:58 GMT
X-Originating-IP: [170.253.240.1]
From: "WebSec WebSec" <secure21st@hotmail.com>
To: fabre@matranet.com
Cc: will@physics.purdue.edu, security@FreeBSD.ORG
Subject: LaBrea for BSD?
Date: Thu, 27 Sep 2001 18:05:58 +0000
Mime-Version: 1.0
Content-Type: text/html
Message-ID: <F1358Dt5zt47jO9ljL20000943a@hotmail.com>
X-OriginalArrivalTime: 27 Sep 2001 18:05:58.0827 (UTC) FILETIME=[0F6C77B0:01C1477F]
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

<html><div style='background-color:'><DIV><FONT face=Helv color=#000000 size=2>
<P>This solution should only be used in DHCPed environents.&nbsp; You would have problems if you are to assign a static address in a DHCPed environment anyhow.</P>
<P>&nbsp;</P>
<P>This could worm but would require some hooks in the ISC DHCP server</P>
<P>code.</P>
<P>There'd still be a problem, though, if you were using fixed IPs and no</P>
<P>DHCP. Here's the scenario: You turn off your workstation; the tarpit claims</P>
<P>its address; you come in next morning and turn it on; your workstation reports</P>
<P>that it is kicking itself off the network because it has ARPed its IP address</P>
<P>and found it in use by someone else. (Windows machines with fixed IPs always</P>
<P>do this; other operating systems might as well.)</P>
<P>--Brett</P>
<P>At 11:43 AM 9/27/2001, WebSec WebSec wrote:</P>
<P>&nbsp;</P>
<P>&gt;Here is an idea,</P>
<P>&gt;</P>
<P>&gt;How about LaBrea for BSD (installed on a DHCP Server) automatically takes all IPs and releases them as clients request those IPs?</P>
<P>&gt;</P>
<P>&gt;Another idea is that LaBrea server installed on DHCP "informs" LaBrea clients which IPs to emulate....</P>
<P>&gt;</P>
<P>&gt;</P>
<P>&gt;</P>
<P>&gt;Serg Perfi - YDAP security consulting group</P>
<P>&nbsp;</P>
<P>To Unsubscribe: send mail to majordomo@FreeBSD.org</P>
<P>with "unsubscribe freebsd-security" in the body of the message</P></FONT><BR><BR><BR>The reasonable man adapts himself to the world; </DIV>the unreasonable one persists in trying to adapt 
<DIV></DIV>the world to himself. Therefore all progress 
<DIV></DIV>depends on the unreasonable man. 
<DIV></DIV>
<DIV></DIV>-- George Bernard Shaw 
<DIV></DIV></div><br clear=all><hr>Get your FREE download of MSN Explorer at <a href='http://go.msn.com/bql/hmtag_itl_EN.asp'>http://explorer.msn.com</a><br></html>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message