DHCP Security Leak

guru.bidari at sirvisetti.com guru.bidari at sirvisetti.com
Tue May 1 20:19:00 UTC 2007


In our infrastructure we are using DHCP, with system-defined lease-period
(24 hours), the IP-address of the pc is refreshed.

We are using one product called as auto print the way it works, we think
we have a security leak.

After a user scheduled a job and he logged out before the job is finished
and ftp-ed, it is possible that another user gets that IP-address before
the output is processed.

This is more of an issue when concurrent request is re-scheduled to run at
an interval.

So we think that it is a leak that another user on a different pc can get
the output of that request, because that pc has leased the IP-address now.

Please provide us the solution to overcome this security leak.

Guru Bidari

More information about the dhcp-users mailing list