On Fri, May 17, 2002 at 06:22:54PM -0700, Seth Arnold wrote:
<snip>
> Akop, yes, an attacker can spoof a source 0.0.0.0 in order to attack
> your dhcp server, and generally, the only way to prevent this is some
> level of sanity checking IPs based on the _interfaces_ the packet came
> in through.
>
> e.g., if your dhcp server has two NICs:
>
> eth0 is connected to the untrusted network
> eth1 is connected to trusted subnet

Actually, both "trusted" subnets are connected to the internet using other routers to which I don't really have access. So, this solution won't work. I call them trusted only because I "trust" that no computer on those subnets will try to exploit anything on the server.

-akop
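
The interface-based sanity check described in the quoted message, shown as an added example that is not part of the original thread. The eth0/eth1 roles follow the quote; the 192.168.1.0/24 subnet, the sample packets and the function names are constructed assumptions.

```python
import ipaddress

# Assumed layout, following the eth0/eth1 example in the quoted message.
# The subnet is a constructed value, not one taken from the thread.
LOCAL_SUBNETS = {"eth1": ipaddress.ip_network("192.168.1.0/24")}
UNSPECIFIED = ipaddress.ip_address("0.0.0.0")
BROADCAST = ipaddress.ip_address("255.255.255.255")


def check_ingress(iface, src, dst, sport, dport):
    """Return (verdict, reason) for a UDP packet that arrived on iface."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    trusted = iface in LOCAL_SUBNETS

    if dport == 67 and not trusted:
        return "drop", "DHCP request from untrusted interface"
    if src_ip == UNSPECIFIED:
        # 0.0.0.0 is only valid for a client that has no lease yet:
        # a broadcast from port 68 to port 67 on a trusted interface.
        if trusted and (sport, dport) == (68, 67) and dst_ip == BROADCAST:
            return "accept", "lease-less DHCP client"
        return "drop", "unspecified source outside DHCP"
    for name, net in LOCAL_SUBNETS.items():
        if src_ip in net:
            if name == iface:
                return "accept", "source matches ingress interface"
            return "drop", "trusted-subnet source on wrong interface"
    if trusted:
        return "drop", "foreign source on trusted interface"
    return "accept", "no spoofing indicator"


# Constructed sample packets: (iface, src, dst, sport, dport).
SAMPLES = [
    ("eth1", "0.0.0.0", "255.255.255.255", 68, 67),  # real DHCPDISCOVER
    ("eth0", "0.0.0.0", "255.255.255.255", 68, 67),  # spoofed from outside
    ("eth0", "192.168.1.20", "192.168.1.1", 4000, 53),  # inside IP, wrong NIC
    ("eth1", "192.168.1.20", "192.168.1.1", 68, 67),  # unicast lease renewal
    ("eth1", "0.0.0.0", "192.168.1.1", 4000, 53),  # 0.0.0.0 but not DHCP
    ("eth0", "203.0.113.9", "192.168.1.1", 4000, 53),  # ordinary outside host
]


def verdicts(samples=SAMPLES):
    return [check_ingress(*pkt)[0] for pkt in samples]


if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, check_ingress(*pkt))
```

The verdict depends only on the ingress interface, so it cannot tell apart hosts that share the same segment.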