It seems this thread was already resolved, just wanted to add one comment: On Mon, May 18, 2015 at 2:26 PM, Zbigniew Jędrzejewski-Szmek <zbys...@in.waw.pl> wrote: > So to mount a successful spoof, the attacker needs to > a) control the dhcp server domain option to return a domain under attacker > control
Notice that this is entirely trivial, as the attacker does not need to control _the_ DHCP server, all they have to do is to provide a competing DHCP server on the local link and hope they get picked over the real one. Cheers, Tom _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel