Most mornings, you wake up and think you at least have a semblance of what your day will be like. But if someone tells you that you now have to worry about your DHCP server messing up your network, you might want to just go back to bed and stay there.
If you haven’t yet made DHCPwn an acquaintance, get yourself a cup of coffee and wake up to the sweet smell of IP Exhaustion.
The Dynamic Host Control Protocol server on your network sits around happily handing out IP address to machines on your network (identified by their MAC address).
- You turn on your computer.
- It requests a new IP address by sending over its MAC address.
- It gets assigned a new unused IP address.
- You’re now looking at Facebook marveling over how the girl that used to chug all of the Elmer’s glue in art class has now spawned her own Elmers glue chugging kid in some weird recursive Elmers glue Escher print of modern society.
This is where the trouble starts: DHCPwn impersonates an innocent computer on the network and just requests and requests and requests IP addresses leases from the DHCP server until there aren’t any left and nobody can get a new IP address to check on the status of the young glue eater.
If you’re sick of having a bunch of software applications that don’t work well together, check out Varonis’ suite of awesomely integrated solutions for monitoring user network behaviors and permissions management. No glue necessary.