Indeed, there are places and situations where this is much more risky than others.
On Fri, Sep 26, 2014 at 5:19 PM, Brandon Allbery <[email protected]> wrote: > On Fri, Sep 26, 2014 at 4:56 PM, Doug Hughes <[email protected]> wrote: > >> The dhcp issue is potentially exploitable, but much more difficult and >> less risky in practice because that's an internal function and the >> exploiter would have to bind his server to a privileged port meaning you >> are already owned. > > > ...or has the minimal wherewithal to run a rogue DHCP server on a random > Windows box, which doesn't have the concept of privileged ports, or on a > personal Linux laptop where they have root so the point is moot. How many > places will allow random devices (think phones, iPads, etc.) to associate > with access points? > > -- > brandon s allbery kf8nh sine nomine > associates > [email protected] > [email protected] > unix, openafs, kerberos, infrastructure, xmonad > http://sinenomine.net >
_______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
