none
Denial-of-Service Bug in dhcp RRS feed

  • Question

  • abadly formed packet with an invalid ipv4 UDP length field can cause a  dhcp sevre ,client, or relay program to terminate abnormally.is this problem related to dhcp in linux or windows server too?and is there any patch solution to fix this flaw in microsoft windows server??another question is that how to find out version of dhcp server in windows?(I donot mean console version)
    Sunday, January 24, 2016 5:45 AM

Answers

  • Hi BahareRiahi,

    According to your description, you are considering about denial-of-service attack with DHCP.

    >is that how to find out version of dhcp server in windows?(

    For windows DHCP, we generally distinguish DHCP version with the server's OS version, such as DHCP server on windows server 2008, DHCP server on window server 2012 and so on. DHCP server on different server version has different feature.

    >is there any patch solution to fix this flaw in microsoft windows server??

    For windows server, we have some recommendations to secure DHCP:

    1. ensure unauthorized clients do not have physical or wireless access to the network;

    2. enable DHCP audit log to monitor DNS dynamic updates by DHCP server;

    3. use NAP enforcement for DHCP server, then only NAP clients could obtain IP address from DHCP server.

    If you want to know more about NAP enforcement for DHCP, you may click the following link:

    https://technet.microsoft.com/en-us/library/cc733020(v=ws.10).aspx

    If you want to know more about secure Windows DHCP, you may click this link:

    https://technet.microsoft.com/en-us/library/cc780347(v=ws.10).aspx

    Besides, keep your server up-to-date, and install all necessary patches.

    Best Regards,

    Anne


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Monday, January 25, 2016 8:07 AM
    Moderator