From owner-freebsd-security Tue Apr 20 8:17:35 1999 Delivered-To: freebsd-security@freebsd.org Received: from cc942873-a.ewndsr1.nj.home.com (cc942873-a.ewndsr1.nj.home.com [24.2.89.207]) by hub.freebsd.org (Postfix) with ESMTP id EEDE61579B for ; Tue, 20 Apr 1999 08:17:33 -0700 (PDT) (envelope-from cjc@cc942873-a.ewndsr1.nj.home.com) Received: (from cjc@localhost) by cc942873-a.ewndsr1.nj.home.com (8.9.3/8.8.8) id LAA09694; Tue, 20 Apr 1999 11:15:07 -0400 (EDT) (envelope-from cjc) From: "Crist J. Clark" Message-Id: <199904201515.LAA09694@cc942873-a.ewndsr1.nj.home.com> Subject: DHCP (was Re: poink attack (was Re: ARP problem in Windows9X/NT)) In-Reply-To: <14108.38235.254919.924353@trooper.velocet.ca> from David Gilbert at "Apr 20, 99 10:55:23 am" To: dgilbert@velocet.ca (David Gilbert) Date: Tue, 20 Apr 1999 11:15:07 -0400 (EDT) Cc: Harry_M_Leitzell@cmu.edu, fred@fredbox.com, security@FreeBSD.ORG Reply-To: cjclark@home.com X-Mailer: ELM [version 2.4ME+ PL40 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org David Gilbert wrote, > Not this discussion 'should' be about what 'should' be, but wouldn't > it make sense to have the DHCP server be the 'athority' by which > hardware addresses are resolved? I suppose there's little security > built into that protocol, too. We recently went to implement it for a > customer and were somewhat taken aback by what could happen if someone > managed to just 'connect' a laptop to the network who wasn't supposed > to. OK, I'll bite. What happens when someone who is not supposed to connects to a DHCP served network? (Besides that they are connected to the network and are not supposed to be.) -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message