[NTLUG:Discuss] DHCP Vulnerability?
Jim Goode
JGoode at GoToLearn.org
Fri Aug 13 14:54:35 CDT 2004
I am running an e-Smith/Mitel SME server with DHCP enabled. The server
supports desktops that are running MS Windows 2000 Professional.
Earlier today (and several times over the past 2 months) I lost
connectivity to the server from my desktop. This time I discovered that
the IP assigned to my desktop was not in the DHCP range I had specified
on the server. I spot checked a couple of other desktops and they had
the same problem. The 1st and 2nd octet that had been assigned remained
constant (169.254.) but the 3rd and 4th were quite different (113.233,
133.162, and 233.134). I use 192.168 for my internal LAN.
After researching some web sites, I see that US-CERT reported a DHCP
vulnerability on June 22, 2004 (VU# 317350 and 654390).
1) Could my problem be related to one of these vulnerabilities?
2) Could my server have a virus?
3) If yes, how can I find and remove the virus?
4) Is there a patch for the DHCP problem? The SME server is based on Red
Hat 7.2 under the covers and RH no longer supports this release.
Thank you for your time and response,
Jim
--
Jim Goode, SCSA (JGoode at GoToLearn.org)
Director IT and Software Development
972-543-4291, 1-877-465-3276
GoToLearn Inc., 2201 Avenue K, Suite A1, Plano, TX 75074
http://www.GoToLearn.org
More information about the Discuss
mailing list