DormanResearch : BlockingRogueDHCPServer?

Referers: LinuxHints :: (Remote :: Orphans :: Tree )

Dorman Wiki
Dorman Lab Wiki
By default, dhcp clients will accept the first DHCPOFFER they receive.  If it comes from a rogue server, network functionality can be compromised.

0Steps to Correct

lease {
  interface "eth0";
  fixed-address 192.168.0.149;
  option subnet-mask 255.255.255.0;
  option routers 192.168.0.1;
  option dhcp-lease-time 86400;
  option dhcp-message-type 5;
  option domain-name-servers 192.168.0.1;
  option dhcp-server-identifier 192.168.0.1;
  option dhcp-renewal-time 43200;
  option dhcp-rebinding-time 75600;
  renew 5 2008/2/15 19:39:22;
  rebind 5 2008/2/15 19:39:22;
  expire 5 2008/2/15 19:39:22;
}


interface "eth0" {
  # block server by recognizing it provides no domain name, and the valid one does
  require domain-name;
  # block by server ip, except this will break the server at home
  #reject 192.168.0.1;
}
There is no comment on this page. [Display comments/form]