DHCP and the Resulting Theoretical Attacks

[pooh sun tzu]

I suggested they take more time to make it better and work out some of the topics raised.

Wait, so are you saying a tutorial has to include 100% every single bit of information ever known to man on a particular subject? That the one posting the tutorial has to know the current subject from top to bottom, have invented it, and then patented it?

Come on, let's be reasonable. People know a certain amount of information at any given time, and may wish to teach others that information. It's very similar to the bittorrent network protocol:

1. Person #1 learns a bit of information, understands it.
2. Person#1 shares that information with Person #2.
3. While sharing that information, Person #1 learns more about the information.
4. Person #1 shares that information with Person #2.


And over and over again. Instead of critisizing the parent poster (to which I found the tutorial very informative) why not give tips for improvement? Instead of saying "Why didn't you just make the graph" accept that there is no need for a person to reinvent the wheel. Be thankful that an attempt was made, good or bad, and be ready to offer suggestions if needed.

There are two forms of 'critique'

a. The insult: Only negativity and insults are offered. Telling someone everything about what is wrong, even if true, without offering any advice on how to improve it nor explain it in a way which get's past them being 'hurt' and into a learning experience.

b. The advice: Showing what is wrong, how to fix it, why it is wrong, and losing the ego that comes with teaching someone something. Explaining all of the above in a way which get's past them possibly being 'hurt' about being proven wrong, and into a learning experience.

[Tiger Shark]

Juridian:

Since csch's only response to PM was a string of insults with no actual intelligent discussion followed by a refusal to respond to any following PM yet he continues the same puerile attacks on others he gives me no choice but to address him publicly.

Interestingly enough he seems to spend a lot of time preparing his long winded responses to other's reactions to his attacks.... Time that would probably be better spent showing us all how it _should_ be done..... but no.... he came up with his "I don't have personal web space" excuse for that one....... I'm not as naive as his school teacher to sucker for such rubbish... rubbish he avoided responding to in his last diatribe.....

He's a coward and a loudmouth that can't face people who stand up to his "holier than thou" trash.... I, on the other hand, don't believe that people like him should be allowed to wander around spreading their vitriol where they please without challenge. I'll make the time if I have to in order to stand up to schoolyard bullies..... I've done it all my life.... Twice csch's life... I'm not going to change now..... Sorry if that bothers you.

[AngelicKnight]

He also completely ignored my compromise suggestion, seems to only pay attention to those who he can pick a fight with. That's what it appears to be anyway.

But what's the point in arguing this any further? Moderator has spoken, so case closed. If the mods say it's a tutorial, then you can jump and scream all you want to, but the mod's say is final. And guess what else -- No one cares! So when are we gonna stop whining about what's a tutorial or not and get back to talking about DHCP-related attacks. That was the point of this thread right?

[chsh]

Yup, a mod's spoken. At least there is a clear indication of what is acceptable as a tutorial here.

That being said, I would still like to see this tutorial completed as I feel it is very lacking in an explanation of the processes involved in performing all of the mentioned attacks and perhaps one or two explored directly by the author of the tutorial.

Originally posted by: Pooh Sun Tzu
Wait, so are you saying a tutorial has to include 100% every single bit of information ever known to man on a particular subject? That the one posting the tutorial has to know the current subject from top to bottom, have invented it, and then patented it?

That's a rather extremist way of viewing what Juridian said. "Make it better" does not necessarily equate to "Give a complete 100% detailed explanation of the software/technology/whatever including background information on its formation, a complete history, etc".

AngelicKnight, I did read your post, I just don't believe it applied here.

[Juridian]

I also do not believe a separate forum is the appropriate solution. Thank you for trying to provide an alternative tho. I disagree with the notion that what the mod's say is god's will. They are just monkeys behind keyboards too. If we disagree with what Neg (or any other mod) said we are well within our rights to discuss it and attempt to change the way things are.

As it is, it would seem that people do not want to improve themselves, their work, or the quality of the site as a whole. I guess if the target is low then it is hard to miss. At the very least it makes for some amusing reading and up's the post count of those who have to correct the misinformation.

Disclaimer: I know not all people are against improving the way things are. Some people are putting out very good information and well written posts. Most notably TheHorse13, MrsMittens, etc.

[pooh sun tzu]

As it is, it would seem that people do not want to improve themselves, their work, or the quality of the site as a whole.

That's not what is going on here. It's the difference between helping someone and insulting them. What csh did was insult. Instead of helping to instruct and teach all he did was point out a plethora of errors with no attempt to correct.

There are two ways to handle situations like this. For example, you tell me if a tie looks good on you:

a kind person who wants to improve the quality of the forum: 1. I say that blue isn't your color, but tell you the grey one would fit better with that suit color.

or

someone here to improve their ego and demean people: 2. I say blue looks horrible on you, that it makes your eyes too big, makes your cheeks look puffy, and call you a loser for chosing it in the first place.


csh was the second one. You want to improve the quality of the forums, Juridian? Get more of the first people here who are here to actually help, and not ego inflate by bashing people who do not know as much as others.

[IKnowNot]

my 2 cents, though nobody cares:
Everyone was correct! ( I've been hanging around too many politicians and lawyers for too many years. But I've also been married to my wife for longer and have no problem saying you're F* up. )

IMHO the problem HERE does not lie in what is and is not a tut, but what type of tut it is. The site has grown, as well as the variety of viewers/members.

You are quite correct Tiger Shark, however, as that was well before your time, you may not know that there was *NO* Security Tutorials section back then.

Maybe it is time to add another category to the tutorial section steered toward newcomers in the field ( or security basics 101). That way the comments can be geared more like slarty's, though he is hardly a newcomer, ( was that ever addressed? ) and less toward bickering about whether it fits or not. Relevant information can be lost in such bickering, as the author is distracted from improving the tut with follow edits or posts.

Again, just my 2 cents. And as you noticed, I have not posted any tuts, mainly because I am probably more critical then chsh.

Now to critique the tut; ( sorry HTRegz )

I had hoped to present you with further security related DHCP tasks (from attacking or securing points of view)... however at 3AM... I'm starting to run out of wind and coffee. I wrote this because on Tuesday I have a test on DHCP and I find the best way to reinforce information is to explain it to someone else.

Excellent way to learn! But was it necessary to post it as a tut? Maybe, after you wrote it and reviewed it, you could have posted when the semester was over and you had time to review it with your peers first.

I'm curious to see solutions to some of the possible attacks I have listed... I'd be very interested in seeing how people deal with this, or if people even bother to deal with this. It's my theory that most people don't consider attacks using DHCP and tend to ignore it and leave it with a fairly basic default setup.

Me too!! Too bad the thread got diverted! I would have enjoyed further comment on this. This is an area that I think is overlooked by many, including me ( though I do default of nothing ). People, in my experience, just seem to take this for granted.

Now that the testing is over can your offer any more detailed methods of securing systems? Or has the direction of the thread precluded that?

[avenger_jcc]

FFS... I just skim now... dont bother reading, its just back and forth, back and forth...
Honestly, arent you little boys out of urine yet?
This pissing contest is O L D....

[AngelicKnight]

No kidding! Splitting hairs and giving ego contests.

Now I will go with chsh's notion to improve the tutorial, if he'll put his money where his mouth is and add some input to do it. Stop yabberin' and get on with it. I really don't care what you people think is a tutorial or isn't; I'm on this thread because I want a better understanding of DHCP. Instead, I'm having my time wasted.

Mods, monkeys behind keyboards or not, are the authorities of AO. Case closed.

So get on with improving it and get back on topic will ya? What more is behind this concept?

[hogfly]

If I may be so bold here....

There was no tutorial there, just a regurgitation of an RFC. Regardless....

you want to secure DHCP from these theoretical attacks?
use a switch with mac-port binding
use isc dhcp with static dhcp
use arpwatch
use Ipsec with atleast AH

have a nice day

bleh


Now that's a tutorial....