Hi,
* Kurt Roeckx [2011-04-11 00:29]:
> On Sun, Apr 10, 2011 at 11:55:28PM +0200, Nico Golde wrote:
> >
> > We recommend that you upgrade your isc-dhcp packages.
>
> I'm guessing that for the update to be active we need to bring
> down any interface that is using
On Sun, Apr 10, 2011 at 11:55:28PM +0200, Nico Golde wrote:
>
> We recommend that you upgrade your isc-dhcp packages.
I'm guessing that for the update to be active we need to bring
down any interface that is using the client? (Or reboot.)
The server seems to be restarted on upgr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
[ Please keep me CC ]
Hi,
Version 4.1.1-P1-15+squeeze1 of isc-dhcp was updated yesterday but no
DSA were sent about it, and the security tracker [0] still marks this
package vulnerable.
[0] http://security-tracker.debian.org/tracker/CVE-2011-0413
On Thu, Jan 29, 2009 at 12:26:46PM -0800, Matt Kincaid wrote:
> Hello, I'm having the same issue.
>
>
>
> I can broadcast to the ###.###.###.255 fine but my switches/routers
> throw out 255.255.255.255.
Routers must have dhcp-relay function.
--
To UNSUBSCRIBE, e
Hello, I'm having the same issue.
I can broadcast to the ###.###.###.255 fine but my switches/routers
throw out 255.255.255.255.
Have you found any solution?
Matt Kincaid
---
DISCLAIMER: Information contained in this m
Hi list,
I've seen and heard about this on more than one occasion.
Now I wonder what's hiding behind it. What could be the point with a
dhcp-server throwing out a 255.255.255.255 subnet broadcast address
together with a ip-address/subnet mask from which the dammed thing can be
easily de
Am Dienstag, den 09.11.2004, 21:28 +0100 schrieb Jan LÃhr:
> Will there be new official stable packages in the next few days (3-4)?
> (If not, I've to patch it by myself)
> > Debian has recently distributed a security advisory on the dhcp-2.0pl5
> > package they distribu
Greetings,
Am Dienstag, 9. November 2004 21:44 schrieb Bartosz Fenski aka fEnIo:
> On Tue, Nov 09, 2004 at 09:28:34PM +0100, Jan Lühr wrote:
> > just asking, cause it is relevant for me:
> > Will there be new official stable packages in the next few days (3-4)?
> > (If not, I've to patch it by mys
On Tue, Nov 09, 2004 at 09:28:34PM +0100, Jan Lühr wrote:
> just asking, cause it is relevant for me:
> Will there be new official stable packages in the next few days (3-4)?
> (If not, I've to patch it by myself)
Please read that announcement more careful.
It is fixed in stable already.
regards
also sprach Jan Lühr <[EMAIL PROTECTED]> [2004.11.09.2128 +0100]:
> Will there be new official stable packages in the next few days
> (3-4)? (If not, I've to patch it by myself)
They are already there, and have been for 5 days.
http://www.debian.org/security/2004/dsa-584
You should upgrade to dh
Greetings,
just asking, cause it is relevant for me:
Will there be new official stable packages in the next few days (3-4)?
(If not, I've to patch it by myself)
Keep smiling
yanosz
--- Begin Message ---
*** From dhcp-announce -- To unsubscribe, see the end of this message. ***
Debia
On Fri, 01 Nov 2002 at 06:41:43PM -0400, Peter Cordes wrote:
> MD5 is still believed to be secure. i.e. Nobody can modify a binary so
> that it has different contents but the same MD5 hash, unless they are _very_
> _very_ lucky. The task becomes even more difficult if you check the length
> of t
On Fri, 01 Nov 2002 at 06:41:43PM -0400, Peter Cordes wrote:
> MD5 is still believed to be secure. i.e. Nobody can modify a binary so
> that it has different contents but the same MD5 hash, unless they are _very_
> _very_ lucky. The task becomes even more difficult if you check the length
> of t
On Tue, Oct 29, 2002 at 05:10:12PM -0800, Alvin Oga wrote:
> am not as worried about the determined hacker/crackers that
> can modify binaries such that md5sum matches my tripewire db and
> other security precautions (databases and baseline) of my servers
MD5 is still believed to be secure. i.e
On Tue, Oct 29, 2002 at 05:10:12PM -0800, Alvin Oga wrote:
> am not as worried about the determined hacker/crackers that
> can modify binaries such that md5sum matches my tripewire db and
> other security precautions (databases and baseline) of my servers
MD5 is still believed to be secure. i.e
om the script kidies
and local wanna be admins that goes around changing the lan network,
config files, topology, passwds etc
- 80-90% of all these attempts are users trying to bypass
corp security policy
- or just playing .. tripping all the alrms in the process
of te
On Tue, Oct 29, 2002 at 04:12:54PM -0800, Alvin Oga wrote:
> i say modifying files is a give away .. that says
> "come find me" which is trivial since its modified
> binaries
If they do it right, it's not a giveaway. If they're quick, thorough,
and accurate, they can certainly do it right.
hi ya dale
if anybody modifies the typical binaries..
i'll know within the hour.. hourly/randomly system checks
or instaneously if i happen to be reading emails
at the time ... they are attacking...
i say modifying files is a give away .. that says
"come find me" which is trivial since it
On Tue, Oct 29, 2002 at 03:28:20PM -0800, Alvin Oga wrote:
> if they exploited a root vulnerability and got in...
> why modify silly binaries like ps, top, ls, find, etf ??
>
> that gives themself away as having modified the system
No it doesn't. It makes them and everything they do vanish
into t
hi ya dale
>
> Rootkits are *INSTALLED* after a successful root
> exploit.
maybe i missing something here ... that i been wonderng about
for years..
if they exploited a root vulnerability and got in...
why modify silly binaries like ps, top, ls, find, etf ??
that gives themself away as havin
om the script kidies
and local wanna be admins that goes around changing the lan network,
config files, topology, passwds etc
- 80-90% of all these attempts are users trying to bypass
corp security policy
- or just playing .. tripping all the alrms in the process
of te
A rootkit is a selection of modified standard programs
that usually replace (among others)
ls
ps
netstat
users
and pretty much everything else you would use to check
your machine. It will also include a backdoor.
Sometimes the primary part of the rootkit is eithe
hi ya rick
yes... got that part ... ( the after breaking in part )
was exepecting to see "it helps one to breakin and exploit
the vulnerabilities" so it didn't sink in at first when
i was reading all the talk-backs
( didnt see what i wanted to see ;-)
thanx
alvin
On Mon, 28 Oct 2002,
On Tue, Oct 29, 2002 at 04:12:54PM -0800, Alvin Oga wrote:
> i say modifying files is a give away .. that says
> "come find me" which is trivial since its modified
> binaries
If they do it right, it's not a giveaway. If they're quick, thorough,
and accurate, they can certainly do it right.
hi ya dale
if anybody modifies the typical binaries..
i'll know within the hour.. hourly/randomly system checks
or instaneously if i happen to be reading emails
at the time ... they are attacking...
i say modifying files is a give away .. that says
"come find me" which is trivial since it
On Tue, Oct 29, 2002 at 03:28:20PM -0800, Alvin Oga wrote:
> if they exploited a root vulnerability and got in...
> why modify silly binaries like ps, top, ls, find, etf ??
>
> that gives themself away as having modified the system
No it doesn't. It makes them and everything they do vanish
into t
On Tue, Oct 29, 2002 at 09:35:01AM -0500, Phillip Hofmeister wrote:
> Laptop (IPSEC CLient) -> WAP -> Server (DHCP AND IPSEC Host) -> Local
> Network. In order to get inside the network you will have to get past
> the IPSEC Host, which of course will require a key that has a v
We are currently looking into wireless where I work also.
Just a few weeks ago, we had this company come in to give a demo of an
appliance that enforces restrictions on the wireless network.
http://www.verniernetworks.com/
It seems to be along the path of what we are looking for, YMMV.
Oh, and we
hi ya dale
>
> Rootkits are *INSTALLED* after a successful root
> exploit.
maybe i missing something here ... that i been wonderng about
for years..
if they exploited a root vulnerability and got in...
why modify silly binaries like ps, top, ls, find, etf ??
that gives themself away as havin
A rootkit is a selection of modified standard programs
that usually replace (among others)
ls
ps
netstat
users
and pretty much everything else you would use to check
your machine. It will also include a backdoor.
Sometimes the primary part of the rootkit is eithe
hi ya rick
yes... got that part ... ( the after breaking in part )
was exepecting to see "it helps one to breakin and exploit
the vulnerabilities" so it didn't sink in at first when
i was reading all the talk-backs
( didnt see what i wanted to see ;-)
thanx
alvin
On Mon, 28 Oct 2002,
On Tue, Oct 29, 2002 at 09:35:01AM -0500, Phillip Hofmeister wrote:
> Laptop (IPSEC CLient) -> WAP -> Server (DHCP AND IPSEC Host) -> Local
> Network. In order to get inside the network you will have to get past
> the IPSEC Host, which of course will require a key that has a v
We are currently looking into wireless where I work also.
Just a few weeks ago, we had this company come in to give a demo of an
appliance that enforces restrictions on the wireless network.
http://www.verniernetworks.com/
It seems to be along the path of what we are looking for, YMMV.
Oh, and we
ou could do ipsec:
Laptop (IPSEC CLient) -> WAP -> Server (DHCP AND IPSEC Host) -> Local
Network. In order to get inside the network you will have to get past
the IPSEC Host, which of course will require a key that has a valid
certificate from the local CA.
Just a thought...
--
Excuse
weary of wireless. I take an 802.11b card and can pick an addy even
If I am just joe smo public. Draw a 1000 feet circle around your
wireless AP and that is the range at which I can get an addy from your
DHCP...
--
Excuse #71: Someone is standing on the Ethernet cable causing a kink in the
cable
ou could do ipsec:
Laptop (IPSEC CLient) -> WAP -> Server (DHCP AND IPSEC Host) -> Local
Network. In order to get inside the network you will have to get past
the IPSEC Host, which of course will require a key that has a valid
certificate from the local CA.
Just a thought...
--
Excuse
weary of wireless. I take an 802.11b card and can pick an addy even
If I am just joe smo public. Draw a 1000 feet circle around your
wireless AP and that is the range at which I can get an addy from your
DHCP...
--
Excuse #71: Someone is standing on the Ethernet cable causing a kink in the cable
On Mon, Oct 28, 2002 at 07:38:38PM -0600, Hanasaki JiJi wrote:
> Too bad there is no way to do a secure handshake w/ an id/password or
> even SecureID cards.
That's the idea behind PPPoE. Yuck.
-B
--
Brandon High [EMAIL PROTECTED]
'98 Kawi ZX-7R "Wasabi", '9
On Mon, Oct 28, 2002 at 07:38:38PM -0600, Hanasaki JiJi wrote:
> Too bad there is no way to do a secure handshake w/ an id/password or
> even SecureID cards.
That's the idea behind PPPoE. Yuck.
-B
--
Brandon High [EMAIL PROTECTED]
'98 Kawi ZX-7R "Wasabi", '9
Quoting Andrew Sayers ([EMAIL PROTECTED]):
> In practice, even a very low security barrier will stop the 90% of
> clueless abusers - but (to drag this thread bag on-topic), that's no
> excuse for basing the security of your network on a fundamentally
> insecure way of identifying computers.
Right
Quoting Alvin Oga ([EMAIL PROTECTED]):
> i read all the talkbacks...
> - no definition of rootkit posted in the talkbacks
Look again.
Anyhow, a rootkit is not "anything that allows an un-educated user to
just run that tool to break into other peoples network and machines".
It's something
On Mon, Oct 28, 2002 at 06:46:47PM -0800, Rick Moen wrote:
>
> >> This confusion has also come up elsewhere, on LinuxToday:
> >> http://linuxtoday.com/news_story.php3?ltsn=2002-09-20-011-26-SC-SV
> >
> > tht just talks about arresting some poor soul ??
>
> Read the talkbacks, at the bottom.
Spe
hi ya rick
On Mon, 28 Oct 2002, Rick Moen wrote:
> Quoting Alvin Oga ([EMAIL PROTECTED]):
> >> Um, Alvin? You might want to look up the definition of "rootkit".
> >
> > my definition ... anything that allows an un-educated user to just
> > run that tool to break into other peoples network and
Quoting Andrew Sayers ([EMAIL PROTECTED]):
> In practice, even a very low security barrier will stop the 90% of
> clueless abusers - but (to drag this thread bag on-topic), that's no
> excuse for basing the security of your network on a fundamentally
> insecure way of identifying computers.
Right
Quoting Alvin Oga ([EMAIL PROTECTED]):
> i read all the talkbacks...
> - no definition of rootkit posted in the talkbacks
Look again.
Anyhow, a rootkit is not "anything that allows an un-educated user to
just run that tool to break into other peoples network and machines".
It's something
Quoting Alvin Oga ([EMAIL PROTECTED]):
>> Um, Alvin? You might want to look up the definition of "rootkit".
>
> my definition ... anything that allows an un-educated user to just
> run that tool to break into other peoples network and machines
> ( there's too many "rootkits" to count )
Tha
Jason Clarke wrote:
> Chuck,
>
> That sounds like a fantastic idea!
>
> Provide some sort of web interface where a student can use a library
> terminal or some such, plug in their MAC ADDR and their student
> number.
>
> I normally don't post a "Good on you jim!" message, but this one has
> set off
hi ya rick
On Mon, 28 Oct 2002, Rick Moen wrote:
> Quoting Alvin Oga ([EMAIL PROTECTED]):
>
> > i think you want at least one level of protection against dhcp
> > - prevent any tom, dick and harry from creating havoc
> > by running their rootkits by connec
On Mon, Oct 28, 2002 at 06:46:47PM -0800, Rick Moen wrote:
>
> >> This confusion has also come up elsewhere, on LinuxToday:
> >> http://linuxtoday.com/news_story.php3?ltsn=2002-09-20-011-26-SC-SV
> >
> > tht just talks about arresting some poor soul ??
>
> Read the talkbacks, at the bottom.
Spe
and centre.
J
- Original Message -
From: "Haines, Charles Allen" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, October 29, 2002 12:35 PM
Subject: RE: DHCP
Well here at WPI, we have to register each and every MAC address that we
wish to use on campus. If your MAC address isn't
Quoting Alvin Oga ([EMAIL PROTECTED]):
> i think you want at least one level of protection against dhcp
> - prevent any tom, dick and harry from creating havoc
> by running their rootkits by connecting their laptop to the
> network
Um, Alvin? You might want to
hi ya rick
On Mon, 28 Oct 2002, Rick Moen wrote:
> Quoting Alvin Oga ([EMAIL PROTECTED]):
> >> Um, Alvin? You might want to look up the definition of "rootkit".
> >
> > my definition ... anything that allows an un-educated user to just
> > run that tool to break into other peoples network and
y, October 28, 2002 8:39 PM
To: Haines, Charles Allen
Cc: debian-security@lists.debian.org
Subject: Re: DHCP
Too bad there is no way to do a secure handshake w/ an id/password or
even SecureID cards.
Any way to make the same host name resolve to your IP irreguardless of
what IP is allocted to y
Too bad there is no way to do a secure handshake w/ an id/password or
even SecureID cards.
Any way to make the same host name resolve to your IP irreguardless of
what IP is allocted to your box by dhcp?
Haines, Charles Allen wrote:
Well here at WPI, we have to register each and every MAC
Well here at WPI, we have to register each and every MAC address that we
wish to use on campus. If your MAC address isn't registered, you get no
network. It works the same way with wireless. And to the best of my
knowledge, DHCP is used.
-
Chuck H
ic IP given out locked to the MAC address they provide. Run arpwatch to
look for illegal connections
We are trialing wi-fi city wide, the wi-fi lan is behind a firewall and are
blocking port 25, then opening up ports as requested based on merits.
DHCP is the least of your worries...
This
hi andrew
i think you want at least one level of protection against dhcp
- prevent any tom, dick and harry from creating havoc
by running their rootkits by connecting their laptop to the
network
- it is bad to allow just anybody plug in their laptops
Quoting Alvin Oga ([EMAIL PROTECTED]):
>> Um, Alvin? You might want to look up the definition of "rootkit".
>
> my definition ... anything that allows an un-educated user to just
> run that tool to break into other peoples network and machines
> ( there's too many "rootkits" to count )
Tha
I'm not a huge expert on all of this, but here are a couple of
thoughts...
Unless you're monitoring IP/MAC addresses to try and detect
spoofing, knowing a machine's IP address is already useless from a
security POV. Even then, MAC addresses can be spoofed. Given that,
DHCP ca
Jason Clarke wrote:
> Chuck,
>
> That sounds like a fantastic idea!
>
> Provide some sort of web interface where a student can use a library
> terminal or some such, plug in their MAC ADDR and their student
> number.
>
> I normally don't post a "Good on you jim!" message, but this one has
> set off
hi ya rick
On Mon, 28 Oct 2002, Rick Moen wrote:
> Quoting Alvin Oga ([EMAIL PROTECTED]):
>
> > i think you want at least one level of protection against dhcp
> > - prevent any tom, dick and harry from creating havoc
> > by running their rootkits by connec
any worse of security wise as far as moving to DHCP will go.
Thanks for the various responses, if someone still thinks of a big issue I
would love to hear it.
Cheers,
Stewart
On Tue, 29 Oct 2002, Jones, Steven wrote:
> Date: Tue, 29 Oct 2002 12:19:06 +1300
> From: "Jones, Steven"
and centre.
J
- Original Message -
From: "Haines, Charles Allen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, October 29, 2002 12:35 PM
Subject: RE: DHCP
Well here at WPI, we have to register each and every MAC address that we
wish to use on campus. If y
Quoting Alvin Oga ([EMAIL PROTECTED]):
> i think you want at least one level of protection against dhcp
> - prevent any tom, dick and harry from creating havoc
> by running their rootkits by connecting their laptop to the
> network
Um, Alvin? You might want to
nt: Monday, October 28, 2002 8:39 PM
To: Haines, Charles Allen
Cc: [EMAIL PROTECTED]
Subject: Re: DHCP
Too bad there is no way to do a secure handshake w/ an id/password or
even SecureID cards.
Any way to make the same host name resolve to your IP irreguardless of
what IP is allocted to your b
Too bad there is no way to do a secure handshake w/ an id/password or
even SecureID cards.
Any way to make the same host name resolve to your IP irreguardless of
what IP is allocted to your box by dhcp?
Haines, Charles Allen wrote:
Well here at WPI, we have to register each and every MAC
Well here at WPI, we have to register each and every MAC address that we
wish to use on campus. If your MAC address isn't registered, you get no
network. It works the same way with wireless. And to the best of my
knowledge, DHCP is used.
-
Chuck H
u could set dhcp to give out a fixed address dependant on a mac address,
this would stop just anybody plugging a box into a network, if your network
is physically secure then thats not a worry. (a cat5 jack in reception or
some other public place is dodgy)
Otherwise dhcp makes life easier...its
ic IP given out locked to the MAC address they provide. Run arpwatch to
look for illegal connections
We are trialing wi-fi city wide, the wi-fi lan is behind a firewall and are
blocking port 25, then opening up ports as requested based on merits.
DHCP is the least of your worries...
This
As far as I know there's not much to it, my dhcp server was very simple
to set up with very little security options. My only suggestion is just
make sure you have the latest version, and make sure you have the
security updates source in your sources.list file for your dists ie:
deb
I was hoping someone could help me out here. Currently I am still on a
netowrk using static IP configurationon each machine, we are finally
moving towards DHCP. Are there any security considerations to be made to
ensure there is no gapping security hole. the various howto's I have seen
don;t
hi andrew
i think you want at least one level of protection against dhcp
- prevent any tom, dick and harry from creating havoc
by running their rootkits by connecting their laptop to the
network
- it is bad to allow just anybody plug in their laptops
I'm not a huge expert on all of this, but here are a couple of
thoughts...
Unless you're monitoring IP/MAC addresses to try and detect
spoofing, knowing a machine's IP address is already useless from a
security POV. Even then, MAC addresses can be spoofed. Given that,
DHCP ca
any worse of security wise as far as moving to DHCP will go.
Thanks for the various responses, if someone still thinks of a big issue I
would love to hear it.
Cheers,
Stewart
On Tue, 29 Oct 2002, Jones, Steven wrote:
> Date: Tue, 29 Oct 2002 12:19:06 +1300
> From: "Jones, Steven"
u could set dhcp to give out a fixed address dependant on a mac address,
this would stop just anybody plugging a box into a network, if your network
is physically secure then thats not a worry. (a cat5 jack in reception or
some other public place is dodgy)
Otherwise dhcp makes life easier...its
As far as I know there's not much to it, my dhcp server was very simple
to set up with very little security options. My only suggestion is just
make sure you have the latest version, and make sure you have the
security updates source in your sources.list file for your dists ie:
deb
I was hoping someone could help me out here. Currently I am still on a
netowrk using static IP configurationon each machine, we are finally
moving towards DHCP. Are there any security considerations to be made to
ensure there is no gapping security hole. the various howto's I have seen
don;t
uring the PREINIT stage to let
> > > the DHCPDISCOVER broadcast out (and a reply back in eventually, taking
> > > this one step at a time ;-). At least, that's what I thought I should
> > > do, but I noticed that packets are not logged!
> >
> > I thin
uring the PREINIT stage to let
> > > the DHCPDISCOVER broadcast out (and a reply back in eventually, taking
> > > this one step at a time ;-). At least, that's what I thought I should
> > > do, but I noticed that packets are not logged!
> >
> > I thin
a reply back in eventually, taking
> > this one step at a time ;-). At least, that's what I thought I should
> > do, but I noticed that packets are not logged!
>
> I think (but not sure) DHCP client is using (so called) raw sockets
> which are below the layer where iptables
a reply back in eventually, taking
> > this one step at a time ;-). At least, that's what I thought I should
> > do, but I noticed that packets are not logged!
>
> I think (but not sure) DHCP client is using (so called) raw sockets
> which are below the layer where iptables
st, that's what I thought I should
> do, but I noticed that packets are not logged!
I think (but not sure) DHCP client is using (so called) raw sockets
which are below the layer where iptables is in the kernel. That's why
iptables is unable to see the packets.
(There is an option for Raw
st, that's what I thought I should
> do, but I noticed that packets are not logged!
I think (but not sure) DHCP client is using (so called) raw sockets
which are below the layer where iptables is in the kernel. That's why
iptables is unable to see the packets.
(There is an option for Raw
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lupe Christoph <[EMAIL PROTECTED]> writes:
> On Wednesday, 2002-04-03 at 14:02:20 +0900, Olaf Meeuwissen wrote:
>
> > I am playing with packet filtering on a DHCP client and trying to get
> > it done the right way.
>
>
On Wednesday, 2002-04-03 at 14:02:20 +0900, Olaf Meeuwissen wrote:
> I am playing with packet filtering on a DHCP client and trying to get
> it done the right way.
The right way is to dispense with DHCP. The protocol has no security
whatsoever. Read RFC2131, "7. Security Consider
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lupe Christoph <[EMAIL PROTECTED]> writes:
> On Wednesday, 2002-04-03 at 14:02:20 +0900, Olaf Meeuwissen wrote:
>
> > I am playing with packet filtering on a DHCP client and trying to get
> > it done the right way.
>
>
On Wednesday, 2002-04-03 at 14:02:20 +0900, Olaf Meeuwissen wrote:
> I am playing with packet filtering on a DHCP client and trying to get
> it done the right way.
The right way is to dispense with DHCP. The protocol has no security
whatsoever. Read RFC2131, "7. Security Consider
Dear .debs,
I am playing with packet filtering on a DHCP client and trying to get
it done the right way. Policy for all built-in chains is DROP and all
packets are logged before they go plonk. I pulled the network cable
while playing around.
Debian GNU/Linux 3.0
kernel 2.4.18-tux, iptables
Dear .debs,
I am playing with packet filtering on a DHCP client and trying to get
it done the right way. Policy for all built-in chains is DROP and all
packets are logged before they go plonk. I pulled the network cable
while playing around.
Debian GNU/Linux 3.0
kernel 2.4.18-tux, iptables
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Said Harald Skoglund on Tue, Mar 05, 2002 at 11:53:39AM +0100:
> > Does anybody use iptables in a DHCP network? I want to know how
> > would be some rule in this case...
>
> iptables -A INPUT -p UDP -s --sport 67 --dport 68 -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Said Harald Skoglund on Tue, Mar 05, 2002 at 11:53:39AM +0100:
> > Does anybody use iptables in a DHCP network? I want to know how
> > would be some rule in this case...
>
> iptables -A INPUT -p UDP -s --sport 67 --dport 68 -
mandag 4. mars 2002, 13:57, skrev Osvaldo Mundim Junior:
> Hi all,
>
> Does anybody use iptables in a DHCP network? I want to know how would be
> some rule in this case...
iptables -A INPUT -p UDP -s --sport 67 --dport 68 -j ACCEPT
--
Harald Skoglund
mandag 4. mars 2002, 13:57, skrev Osvaldo Mundim Junior:
> Hi all,
>
> Does anybody use iptables in a DHCP network? I want to know how would be
> some rule in this case...
iptables -A INPUT -p UDP -s --sport 67 --dport 68 -j ACCEPT
--
Harald Skoglund
--
To UNSUBSCRIBE, ema
Osvaldo Mundim Junior <[EMAIL PROTECTED]> writes:
> Does anybody use iptables in a DHCP network? I want to know how
> would be some rule in this case...
There were some messages flying around debian-firewall concerning DHCP
and iptables. They don't seem to be in the ar
Osvaldo Mundim Junior <[EMAIL PROTECTED]> writes:
> Does anybody use iptables in a DHCP network? I want to know how
> would be some rule in this case...
There were some messages flying around debian-firewall concerning DHCP
and iptables. They don't seem to be in the ar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Said Osvaldo Mundim Junior on Mon, Mar 04, 2002 at 09:57:28AM -0300:
> Does anybody use iptables in a DHCP network? I want to know how would
> be some rule in this case...
Have a look at 'firestarter' as well, a GNOME frontend to b
Monday, March 04, 2002, 1:57:28 PM, Osvaldo Mundim Junior wrote:
> Does anybody use iptables in a DHCP network? I want to know how would be some
> rule in this case...
Check the rules from the monmotha-iptables-script which can be
downloaded from http://monmotha.mplug.org. In my network
Hi all,
Does anybody use iptables in a DHCP network? I want to know how would be some
rule in this case...
tks in advance...
Osvaldo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Said Osvaldo Mundim Junior on Mon, Mar 04, 2002 at 09:57:28AM -0300:
> Does anybody use iptables in a DHCP network? I want to know how would
> be some rule in this case...
Have a look at 'firestarter' as well, a GNOME frontend to b
Monday, March 04, 2002, 1:57:28 PM, Osvaldo Mundim Junior wrote:
> Does anybody use iptables in a DHCP network? I want to know how would be some
> rule in this case...
Check the rules from the monmotha-iptables-script which can be
downloaded from http://monmotha.mplug.org.; In my network
1 - 100 of 101 matches
Mail list logo
