• Home
• Topics
• Wireless Networking
• Managing Wireless Networks
• What vulnerability is documented for RFC 3118?

What vulnerability is documented for RFC 3118?

Requires Free Membership to View

Login



SearchMobileComputing.com members gain immediate and unlimited access to expert guides for mobile deployment, management and security, industry trends, and more-- all at no cost. Join me on SearchMobileComputing.com today!

Kate Gerwig, Editorial Director

• E-mail Address: 

By submitting your registration information to SearchMobileComputing.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchMobileComputing.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

• The configuration token method is vulnerable to interception, and
• The delayed authentication mechanism is vulnerable to DDoS floods.

For example, DHCP_Gobbler is a proof of concept tool that attacks RFC 3118 by grabbing all available DHCP addresses, preventing allocation to legitimate new machines.

To learn more about DHCP improvements related to security and more, visit the IETF's DHC working group page -- for example, see Internet Drafts regarding DHCP authentication with IPv6 and DHCP Relay.

Note that DHCP can be used by any kind of IP network, including wireless LANs. Wireless LANs are inherently more vulnerable to interception and flooding than privately-operated Ethernet LANs. Link encryption (WPA/WPA2) can be used to prevent DHCP request interception on a wireless LAN. Preventing flooding is trickier, since you can't really prevent wireless stations from transmitting. However, you CAN stop transmitted packets from reaching your DHCP server -- for example, by using 802.1X port access control.

Dig Deeper

This was first published in February 2005

More from Related TechTarget Sites

• Unified Communications
• Networking
• Telecom
• Networking Channel
• CRM
• Data Management

• Unified Communications

  • Interop 2012: UC apps vendors must strive for interoperability

    Vendors are aware of and gradually responding to issues around multi-vendor UC strategies and UC interoperability, according to a discussion panel at Interop 2012.

  • Tackling virtual UC and VDI for the distributed enterprise

    Virtual UC applications are being deployed beyond the data center into the distributed enterprise and should be planned with virtual desktop infrastructure deployment.

  • Integrating cloud-based UC applications for the branch office

    As enterprises consider cloud-based UC applications for the branch office, they face integration issues between the cloud- and premises-based UC applications.

• Networking

  • Overcoming wireless network interference in public venues

    In public venues, unplanned personal hotspots can cause wireless network interference. Wireless expert, Lisa Phifer explains how to overcome this and maintain Wi-Fi coverage.

  • Getting answers on HP OpenFlow and the HP 12500 data center switch

    At Interop 2012 we uncovered the latest on the HP 12500 switch and learned what the HP OpenFlow strategy is really about.

  • Application-aware networking flies under radar at Interop 2012

    At Interop 2012, clear signs emerge that application-aware networking is becoming a reality.

• Telecom

  • Smartphone adoption spurs advanced services demand in Latin America

    Latin American smartphone adoption is more robust than North America's, and the consumers are more mobile-friendly than their peers in developed economies.

  • Need for wireless network upgrade is key AT&T/T-Mobile driver

    Rising demand for high-quality network service delivery will require operators to undertake a massive wireless network upgrade, driving deals like the AT&T/T-Mobile acquisition.

  • Video: ACG Research dissects telecom routing and switching market

    In this ACG Research HotSeat video, Managing Partner Ray Mota gives viewers a quarterly update on the telecom service provider routing and switching market.

• Networking Channel

  • Partners learn to sell telemedicine solutions

    Selling telemedicine solutions can be an opportunity for partner growth, but it comes with its share of technology and skill set challenges to overcome.

  • Think you can't make digital signage sales?

    When video wall technology was expensive it was hard to sell. But selling digital signage has dropped in cost and many companies are now eager to replace static signs.

  • Cisco Partner Summit 2012: Support services, cloud and mobility reign

    At Cisco Partner Summit 2012, Cisco continues its attempt to improve business by refocusing its channel partner strategy with support services, mobility and cloud announcements.

• CRM

  • Call center agents’ behavior should be focus -- not clunky metrics

    A consultant at the recent ACCE call center expo urged call centers to drop the glut of performance metrics and favor a human approach.

  • Health care reform catalyst for customer service improvements

    Although many don’t immediately think of CRM and health care together, recent U.S. legislative changes to health care standards are causing organizations to think of patients as customers

  • Mobile CRM apps aim to connect smartphones, contact centers

    Customers won’t start from scratch with new mobile app “bridge” programs that transfer their information to contact centers.

• Data Management

  • As data demands speed up, information management tools pave road ahead

    New research shows data virtualization, data governance and master data management initiatives provide higher levels of satisfaction with data quality and data integration.

  • Bank of America IT exec: EIM drivers key to shaping project plans

    Enterprise information management programs should be molded around clear business objectives, says a senior information architect at Bank of America.

  • In-memory database caching helps AltEgo bring online avatars to life

    In-memory database caching technology is helping gamers take charge of their online identities.

• About us
• Contact us
• Site index
• Privacy policy
• Advertisers
• Business partners
• Events
• Media kit
• TechTarget corporate site
• Reprints
• Site map