DHCP Security Leak

Carl Karsten carl at personnelware.com
Tue May 1 20:45:24 UTC 2007

guru.bidari at sirvisetti.com wrote:
> Hi


to open, if you do have a problem, it is very removed from the dhcp server.

Consider locking a door, and leaving the key next to it.  that is not a problem 
with the lock.

> In our infrastructure we are using DHCP, with system-defined lease-period
> (24 hours), the IP-address of the pc is refreshed.
> We are using one product called as auto print the way it works, we think
> we have a security leak.

Um, not that it matters, but what is it?  (Is the name "as auto print" or "auto 
print" or ?)

> After a user scheduled a job and he logged out before 

Logged out of what?

> the job is finished
> and ftp-ed, 

ftp - if you are worried about security, ftp is a problem too.  But I am 
guessing your use of 'security' isn't quite the right word.

> it is possible that another user gets that IP-address before
> the output is processed.

no.  if a machine is still using an IP, it will not release it.

> This is more of an issue when concurrent request is re-scheduled to run at
> an interval.

IP address should not be an issue.

> So we think that it is a leak that another user on a different pc can get
> the output of that request, because that pc has leased the IP-address now.
> Please provide us the solution to overcome this security leak.

If you are relying on IP addresses, you need to use fixed IP addresses.

However, I doubt that you are relying on IP addresses, and suspect that actually 
everything is just fine.  has anyone been able to demonstrate a vulnerability?

Carl K

More information about the dhcp-users mailing list