enquiry on validation of dhcp offered address

[Simon Hobson]

If you are going to reply to the digest, PLEASE FIX THE SUBJECT !

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?


ching wrote:
>if dhclient can fully trust dhcp server, this kind of report should 
>not exists.
>
>http://www.kb.cert.org/vuls/id/107886

And what on earth does that have to do with your query - absolutely 
nothing. That is a vulnerability in terms of being sent "bad" data 
and executing code. Your query is about validating the address 
because you don't trust your ISP to hand out a correct one.

The ability of another user on a shared network to setup a rogue DHCP 
serveer is well known - it's been a known security issue since before 
DHCP was around (it was known about back when BOOTP was 'new'). 
Depending on the environment, anyone running a DHCP service in a 
'hostile" environment should be aware of this and have measures in 
place to avoid it (block DHCP traffic) or at least detect it so it 
can be dealt with. In general, I'd be surprised to see any competent 
ISP not block DHCP server traffic from clients to make it physically 
impossible to do - if they don't do this then find a competent ISP.

Simply ignoring RFC1918 addresses will not protect you - if I had 
access to run a rogue DHCP server then I could just as easily hand 
out some random block of addresses which your check wouldn't complain 
about - and you'd be none the wiser.
-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.