[Dnsmasq-discuss] DHCP Denial-of-Service
Simon Kelley
simon at thekelleys.org.uk
Sun Jul 17 13:41:16 BST 2005
Replying to my own last reply.
>Whilst it's not easy to defend against a malicious attacker, it should
>be possible to improve things in this case, which must be fairly
>common. Maybe something like just caching the last result for 30
>seconds or so,
>so that subsequent requests to check the same IP return immediately if
>nothing replied to the ARP request last time. Does that sound sensible?
Caching the last ping result will, of course not protect against two or
more buggy clients hammering at the same time. The scheme would require
storing all the addresses pinged in the last 30 s to be effective.
Cheers,
Simon.
More information about the Dnsmasq-discuss
mailing list