RE: [m0n0wall] mono wall 1.11 susceptible to dhcp dos attack

From:	"Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
To:	"Jared Cebada" <JCebada at smwc dot edu>, <m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] mono wall 1.11 susceptible to dhcp dos attack
Date:	Fri, 16 Sep 2005 17:36:29 +0200

I suggest clearing the logging of dhcp AND/OR put leases DB on TMPFS
which can be hold in memory.

J.

--
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
Jonathan dot de dot graeve at imelda dot be
-----Oorspronkelijk bericht-----
Van: Jared Cebada [mailto:JCebada at smwc dot edu] 
Verzonden: vrijdag 16 september 2005 17:31
Aan: m0n0wall at lists dot m0n0 dot ch
Onderwerp: Re: [m0n0wall] mono wall 1.11 susceptible to dhcp dos attack

Chris Buechler wrote:

>m0n0wall was never intended to serve as a large-scale DHCP server,
and
>Manuel has stated in the past if you need to handle large loads or
>need any options more than what's now in the GUI, you need a "real"
>DHCP server.
>
>

Just for the record My user base is 260 users at most for any one point
in time.
 I don't need any more options than it has in fact I find the whole
package to be rather robust.
It took one rough dhcpc 1 hour to bring down dhcp on monowall,
Increasing the size of the 
partition or tmp will only delay the problem. Is it to much for it to
check for duplicate leases.

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch