Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > NFR Wizards> 1999-q3

NFR Wizards Archives: Using DHCP (was RE: IP Spoofing)

Using DHCP (was RE: IP Spoofing)

Anton J Aylward (antonthe-wire.com)
Sat, 2 Oct 1999 09:54:34 -0400

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Emiliano Kargieman: "Re: IP Spoofing."
Previous message: Scott, Richard: "IP Spoofing"
Next in thread: Joseph S D Yao: "Re: Using DHCP (was RE: IP Spoofing)"
Next in thread: Emiliano Kargieman: "Re: IP Spoofing."
Reply: Joseph S D Yao: "Re: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "Re: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "Re: Using DHCP (was RE: IP Spoofing)"
Reply: GEIS: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: GEIS: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: GEIS: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: Carl Brewer: "RE: Using DHCP (was RE: IP Spoofing)"

Neither DNS not DHCP is a cure for spoofing, and can themselves be
spoofed as well ;-( But they are key tools and properly configured can
support the evidence of logs in tracing problems and intrusions.

Some sites want accountability, that is a deterministic identification of
an IP address with a host. This can be strength or weakness, in my
opinion, and I've always favoured it when possible. But I'd like to know
what other think.

DHCP has improved, in that it can now integrate with DNS, which was always
my greatest complaint about it. Like DNS it can be strapped down, binding
MAC addresses to IP addresses. Of course relayers confuse this somewhat.
(Just as proxy ARP on some firewalls can)

which of course interact with hardware (e.g. switching hubs) and network
layout. I'd like to know what other people have found effective and what
problems there may be. Can those in the know guide the rest of us away
from the jagged rocks of this kind of implementation?

Anton Aylward
System Integrity
ajasi.on.ca

Next message: Emiliano Kargieman: "Re: IP Spoofing."
Previous message: Scott, Richard: "IP Spoofing"
Next in thread: Joseph S D Yao: "Re: Using DHCP (was RE: IP Spoofing)"
Next in thread: Emiliano Kargieman: "Re: IP Spoofing."
Reply: Joseph S D Yao: "Re: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "Re: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "Re: Using DHCP (was RE: IP Spoofing)"
Reply: GEIS: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: GEIS: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: Bill_Roydspch.gc.ca: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: GEIS: "RE: Using DHCP (was RE: IP Spoofing)"
Reply: Carl Brewer: "RE: Using DHCP (was RE: IP Spoofing)"

This archive was generated by hypermail 2.0b3 on Sat Oct 02 1999 - 19:18:25 CDT