DHCP Security Leak
guru.bidari at sirvisetti.com
guru.bidari at sirvisetti.com
Wed May 2 13:15:15 UTC 2007
>>Date: Tue, 1 May 2007 16:19:00 -0400 (EDT)
>>Subject: DHCP Security Leak
>>From: guru.bidari at sirvisetti.com
>>To: dhcp-users at isc.org
>>
>>Hi
>>
>>In our infrastructure we are using DHCP, with system-defined lease-period
>>(24 hours), the IP-address of the pc is refreshed.
>>
>>We are using one product called as auto print the way it works, we think
>>we have a security leak.
>>
>>After a user scheduled a job and he logged out before the job is finished
>>and ftp-ed, it is possible that another user gets that IP-address before
>>the output is processed.
>>
>>This is more of an issue when concurrent request is re-scheduled to run
>> at
>>an interval.
>>
>>So we think that it is a leak that another user on a different pc can get
>>the output of that request, because that pc has leased the IP-address
>> now.
>>
>>Please provide us the solution to overcome this security leak.
>
> Instead of ftp back to the original PC, ftp to the user's directory on
> a server. Set up the permissions so that only that user can read the
> files in the given directory.
>
> This is an application problem, not a DHCP problem.
>
> regards,
> -glenn
We are using the server to ftp it to the directory and permissions are set
properly for each indivisual users. The problem we think it is a leak that
another user on a different pc can get the output of that request, because
that pc has leased the IP-address.
regards,
Guru
More information about the dhcp-users
mailing list