BIND worm (was: DHCP Servers)

Brad Cox brad at linuxbofh.com
Fri Mar 23 18:33:48 PST 2001


On Fri, Mar 23, 2001 at 05:01:07PM -0800, Dustin Mollo wrote:
> Hmmm...  Maybe I'm weird here, but normally people don't run DHCP servers on
> places that are "publicly accessible" in which case, if there was an
> exploit for the ISC DHCP server, you wouldn't care.

Any public network would need this [if they want to dynamically assign
addresses], i.e. ISPs, people starting a community wireless network, etc.
I've heard of some people who run dhcp for their servers, in order to
dynamically repurpose hardware (i.e. reboot some mail servers and they come
up as web servers thanks to dhcp), and provided you don't have a private
network, you would need to run the dhcp server in public space.  Simply
having a firewall may not stop an attacker, especially if they are on your
private network (disgruntled employee).

> Then there are those who don't care about firewalls, in which case, you
> might want to look for an alternative.  The only alternate DHCP server I
> know of is the Moreton Bay DHCP server (http://www.moretonbay.com/dhcpd/). 
> It's not what I'd call full featured, but its intended purpose is much
> different than that of ISC's.  The Moreton Bay server was written as part of
> their embedded firewall product and is small and fast.  It also lacks some of
> the features I was needing.  It's worth a look-see.

It seems to lack the ability to hand out static IPs, which for me is a
requirement.

> We run the ISC DHCP here at our offices and it's dandy...haven't finished
> working on the web interface that I'd like to set up, but at least I have the
> configuration file in an easily parseable format so I can later go back and
> manipulate it.

-- 
Brad Cox, KB1CZQ	http://www.linuxbofh.com	brad at linuxbofh.com


