Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Secure DHCP?

  • From: Fletcher E Kittredge
  • Date: Mon Jul 26 09:14:20 1999

> 
> After having experienced a rather malicious attack on our corporate network by 
> someone running a rogue DHCP server, I'm wondering if there's any way to 
> prevent this from happening again?  The perpetrator basically managed to 
> renumber most of an entire subnet (into an entirely different IP block) of our 
> network, causing a major denail of service.  I've read the RFC's and checked 
> all the network reference books I can find, and none of them indicate any way 
> to prevent this from happening again.  Am I missing something here, or is it 
> time to start writing RFC's?  Thanks in advance.

In a cable modem environment, we make use of packet filtering to
prevent any cable modem user from responding to DHCP requests.
Customer cable modems can act as a clients for such requests, but not
as servers.

In other environments, we essentially use the same tactic; we
partition the network so that valid servers are on controlled
segments, and only allow DHCP servers on those segments.

Right now, it seems we have the tools to authenticate and authorize
DHCP with current RFCs.  I would be very interested in hearing about
potential attacks we have missed.

regards,
fletcher





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.