DHCP and the Resulting Theoretical Attacks - Page 3
Page 3 of 7 FirstFirst 12345 ... LastLast
Results 21 to 30 of 68

Thread: DHCP and the Resulting Theoretical Attacks

  1. #21
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    I can sum up my feeling on the subject (off topic subject -- 'Is this a tutorial') in just a few words.

    Did I learn something from this? The answer is Yes.
    Is the subject security or some thing else? The answer is Yes it is security. (if I know nothing of the subject I am at risk).

    Most of the rest of the thread is just wasted space and bandwith though. I really don't need to read about the bloated egos of argueing members (myself included).
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  2. #22
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    Maybe chsh should moderate the tut's forum? That way he could allow what he thinks is a proper tutorial.

    I'm not attacking you, chsh and I do think that to some extent your criticism is valid however, there is a limit.

    One man's trash is another man's treasure. That's why garage/yard sales exist. Just because it doesn't suit your concept of a tut doesn't mean it's all that worthless.


    Not bad, HT. Kind of a different twist on an old issue.


    P.S. I will have to say this, I appreciate everyone keeping their blows above the belt.

    peace.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  3. #23
    Custom User
    Join Date
    Oct 2001
    Posts
    503
    It doesn't cover securing the system, it doesn't really cover how to break the system, and it doesn't cover how to implement DHCP pretty well at all. Your "tutorial" gives a brief "how dhcp works" bit and then goes on to talk about potential flaws
    Did you not read his tutorial? Because if you had done, I'm sure you would have seen that he had several examples of ways to "break the system" along with a method of "securing the system" against each scenario.

    To be honest, I wonder if you just read the title of a thread and then think up some "constructive criticism" about it no matter the quality of the post. I'll admit that his tutorial did seem to end too abruptly, but it still didn't merit the flame that you gave it. And yes, you did flame him.

    ac

    P.S. I liked your "links to further relevant information". Does that mean that if HT adds in a link to google at the end he gets the chsh thumbs up?

  4. #24
    Senior Member
    Join Date
    Mar 2004
    Posts
    139

    Hey, I was wondering how this "ping" thing works with dhcp, cause you can enable address
    conflict detection and then the server can test an IP address before leasing it to a client. If the ping request fails and times out, the server thinks that the IP address is not in use and hence offers to lease the address to a new client. But lets say the admin has installed firewalls on clients that block incoming pings. Wouldn't that create a wonderful cluster f**k?

    How's that for an inside job?

  5. #25
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    im sure that at least 90% of the people that have read/will read this tutorial will walk away with more of an understanding than they started with. isn't that the point? if its too in depth only 5% will get anything out of it. somebody contributes to the community but not enough to suit some. *so add to it*. accusations of being lazy are not constructive. you should put as much effort into adding to this thread as you do detracting from it. if your as knowledgeable as i believe you to be, (which is much more than i ) show it instead of having everyone think your a butte.

    nice job HT!
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  6. #26
    Senior Member
    Join Date
    Mar 2004
    Posts
    139


    "PING"...anybody

  7. #27
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    Perhaps I should post a few things hear to clear them up... However I'm posting very little and I have no interest in arguing.

    chsh: These inexpensive Catalyst 2950s that you speak of. Are they the same onces that start with a price tag of $650USD and work their way up to nearly $2000USD? I don't know about your bank account balance but to me that's a substantial amount of money. Want to look at it from a business point of view? You've got 20 employees and you're scratching to make ends meet, the last thing you want is downtime or problems due to some sort of attack on your computer system, yet you have no money. Could you justify spending nearly $2000USD on a switch for this purpose? That could be a months profit for a smaller business. You can't always look at things from a big business point of view. As far as your opinion of my tutorial. You don't like it that's fine. You've managed to bash many tutorials lately... if that's how you get your jolies... enjoy. When you post your own tutorial and show us all how it's done... then I'll start to respect your opinion.

    Juridian: Yes I said I did it because I was lazy. Have you never heard the expression, "Why do what someone has already done better." I know you have enough knowledge that you could write yourself an operating system. So why haven't you? The answer is simple... you are too lazy/busy and people have done it better already, so why waste your time. Yes I took the layout of the diagramed chart... whoop-di-friggen-doo. I modified the fields to better display what they were.. I just couldn't be bothered to waste my time creating a table for something that's being posted here... That's a lot of time, that I don't have....

    Anyways.. that's all I have to say..

    Thanks to the rest of ya for the feedback, glad to see most people enjoyed the read.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  8. #28
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    Originally posted here by therenegade
    lol,all I know is that I'm going to think a million times before posting a tut on here...with this kind of 'constructive criticism' who needs critics?lol
    IMO(for what it's worth),it was a nice tut,HTRegz put work into it..shouldnt we all just appreciate it rather than go cribbing about it?
    I would think the opposite about that. chsh's comments almost should drive people to try and make a tutorial that can please him. If you do I believe it will be one heck of a tutorial. It's probably impossible though. Just seems as though it's a good challenge, and a good motivator for people to write awesome tutorials.

    Peace

  9. #29
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    It is suddenly my duty to do other people's work for them?
    But it appears to be your self appointed duty to jump all over people when thet don't meet your apparent standards, standards that you have yet to meet yourself in your prior scribblings.

    I do not have personal webspace at the moment. When I do, I will.
    That has to be the biggest crock I have ever heard in my life. Wordpad is all you need. You have internet access, clearly, or you wouldn't be able to harass people here like you do. As for personal web space.... take all you need here on AO. Split your masterpiece up into a hundred little bit's if that's what it takes...... You might be used to coming up with cute excuses for you supervisor or college professor but please, please, don't think that everyone is as naive as they are.

    Go pick up your crayons and start scribbling young man. If you produce good work then we will all be impressed. If not....... Well, you work it out.......

    We're waiting to be impressed......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  10. #30
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    HT > You are wrong on multiple points. My example was not an attack on you, just a poor example. I don't have anything against you, and I don't post simply to back up chsh. He's a big boy and can handle himself.

    My point was that maybe we should hold ourselves to a higher standard when creating tutorials and maybe even try follow the standards of most research papers. It may make it easier for people to understand, and a structured area for references used in creation of the tutorial or for further research (beyond google) could be invaluable to some of our less experienced readers.

    Taking another week or three to further explore some of the topics presented and possible ways to prevent said attacks could have also been very cool and would have only delayed the release of the information a little.

    And finally...

    I don't build my own os because I have no interest. If I felt the need to do so, I would take the extra time to make sure it is architected properly (as much as I'm able) and has good documentation. As I work it out I'd probably also have people review my design and work to ensure it is indeed good. If something is worthy of doing, it should be done well.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •