DHCP Security Leak
carl at personnelware.com
Tue May 1 20:45:24 UTC 2007
guru.bidari at sirvisetti.com wrote:
to open, if you do have a problem, it is very removed from the dhcp server.
Consider locking a door, and leaving the key next to it. that is not a problem
with the lock.
> In our infrastructure we are using DHCP, with system-defined lease-period
> (24 hours), the IP-address of the pc is refreshed.
> We are using one product called as auto print the way it works, we think
> we have a security leak.
Um, not that it matters, but what is it? (Is the name "as auto print" or "auto
print" or ?)
> After a user scheduled a job and he logged out before
Logged out of what?
> the job is finished
> and ftp-ed,
ftp - if you are worried about security, ftp is a problem too. But I am
guessing your use of 'security' isn't quite the right word.
> it is possible that another user gets that IP-address before
> the output is processed.
no. if a machine is still using an IP, it will not release it.
> This is more of an issue when concurrent request is re-scheduled to run at
> an interval.
IP address should not be an issue.
> So we think that it is a leak that another user on a different pc can get
> the output of that request, because that pc has leased the IP-address now.
> Please provide us the solution to overcome this security leak.
If you are relying on IP addresses, you need to use fixed IP addresses.
However, I doubt that you are relying on IP addresses, and suspect that actually
everything is just fine. has anyone been able to demonstrate a vulnerability?
More information about the dhcp-users