On Tue, 2004-08-24 at 12:54 +0200, Harald Hoyer wrote: > With all those DHCP and DNS magic, the question comes up, if there is any security check involved? > Will the user be asked, if he accepts the configuration from DHCP server x which gives additional DNS server y, which pulls in several configurations? > > Without security checks I could redirect a users desktop easily to my linux laptop, > which maybe answers a DHCP request faster than the company DHCP server. Sure. You can also answer DNS requests faster than the company DNS server. There's nothing new here, these protocols are insecure. Barring widespread use of DNSSEC, security has to come at a higher level via IPSec, TLS, etc.
Attachment:
signature.asc
Description: This is a digitally signed message part
