DHCP Security Leak

Glenn Satchell Glenn.Satchell at uniq.com.au
Wed May 2 12:55:53 UTC 2007

>Date: Tue, 1 May 2007 16:19:00 -0400 (EDT)
>Subject: DHCP Security Leak 
>From: guru.bidari at sirvisetti.com
>To: dhcp-users at isc.org
>In our infrastructure we are using DHCP, with system-defined lease-period
>(24 hours), the IP-address of the pc is refreshed.
>We are using one product called as auto print the way it works, we think
>we have a security leak.
>After a user scheduled a job and he logged out before the job is finished
>and ftp-ed, it is possible that another user gets that IP-address before
>the output is processed.
>This is more of an issue when concurrent request is re-scheduled to run at
>an interval.
>So we think that it is a leak that another user on a different pc can get
>the output of that request, because that pc has leased the IP-address now.
>Please provide us the solution to overcome this security leak.

Instead of ftp back to the original PC, ftp to the user's directory on
a server. Set up the permissions so that only that user can read the
files in the given directory.

This is an application problem, not a DHCP problem.


More information about the dhcp-users mailing list