[ previous ] [ next ] [ threads ]
 From:  Kris Maglione <bsdaemon at comcast dot net>
 To:  Jared Cebada <JCebada at smwc dot edu>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] mono wall 1.11 susceptible to dhcp dos attack
 Date:  Fri, 16 Sep 2005 12:15:14 -0400
Jared Cebada wrote:

> Increasing the size of the
>partition or tmp will only delay the problem. Is it to much for it to
>check for duplicate leases.
As I and others have said before, this is an issue with ISC's DHCPd. 
File a bug with them (http://www.isc.org) if you want that feature. It 
is not in the nature if ISC software to do such things. As an example, 
my home DHCP server only serves 3 computers and a wireless access point 
normally, the rest are static. One other computer has been twice hooked 
up to the wireless access point. There are 29 leases in the file, and 
it's nearly 300 lines long. dnsmasq ('DNS Forwarder' in monowall) 
includes a DHCP server... I think m0n0wall uses it as a relay, but 
otherwise not. I've never tried it, but it may be an alternative. I 
suspect that there's a reason that it's not used in m0n0wall, since it 
would cut all of dhcpd's weight off of the distro.