DHCP Security Leak
dhcp1 at thehobsons.co.uk
Wed May 2 14:25:18 UTC 2007
guru.bidari at sirvisetti.com wrote:
>We are using one product called as AutoPrint(remote printing solution
>which uses oracle apps, we ftp the generated report from oracle apps to a
>ftp server running on windows) the way it works, we think we have a
So Oracle generates a print job and sends it by FTP to the USERS
workstation ? What kind of stupid hack is that ?
>After a user scheduled a job and he logged out before the job is finished
>and ftp-ed, it is possible that another user gets that IP-address before
>the output is processed.
>This is more of an issue when concurrent request is re-scheduled to run at
>So we think that it is a leak that another user on a different pc can get
>the output of that request, because that pc has leased the IP-address now.
>Please provide us the solution to overcome this security leak.
As I stated yesterday, under normal circumstances, another
workstation will NOT get the address assigned to another PC as soon
as a user logs off. BTW - do you REALLY mean "logged out" and not
"shut down" ? If the user simply logs out then the PC will still be
active and will retain it's IP address.
Send the job directly to a network attached printer. Users can still
intercept it by unplugging the printer and reconfiguring their PC at
the same address, but at least they can't 'accidentally' get the
If this isn't good enough, send the job to a secure server and attach
the printer directly to that - someone could still unplug the printer
and connect something else, but it's much harder.
And of course, there is also the minor issue of "how do you stop
someone simply picking up the printout as they walk past ?"
In summary, the ONLY security issue that is in any way DHCP related
is the decision to FTP a report directly to an arbitrary IP address -
but in reality this is an application design issue.
More information about the dhcp-users