undefined | Better HN

0 pointsagwa1y ago0 comments

Ignoring or blocking these options is trivial but ineffective since the DHCP server can still send a malicious subnet mask.

(Edited to replace "default gateway" with "subnet mask")

0 comments

peddling-brink1y ago

Forgive my ignorance, but what could a malicious gateway do in this instance?

agwaOP1y ago

Whoops, I posted too early in the morning, I meant to say "malicious subnet mask" :-)

Basically, the DHCP server sends a subnet mask for an absolutely huge subnet (e.g. a /2), and the route for that subnet takes precedence over the VPN route. The attacker can only intercept 25% of the IPv4 address space with a /2 but that's still pretty bad.

peddling-brink1y ago

Clever, thanks!

j / k navigate · click thread line to collapse

0 pointsagwa1y ago0 comments

Ignoring or blocking these options is trivial but ineffective since the DHCP server can still send a malicious subnet mask.

(Edited to replace "default gateway" with "subnet mask")

0 comments

peddling-brink1y ago

Forgive my ignorance, but what could a malicious gateway do in this instance?

agwaOP1y ago

Whoops, I posted too early in the morning, I meant to say "malicious subnet mask" :-)

peddling-brink1y ago

Clever, thanks!

j / k navigate · click thread line to collapse