Code: Select all
https://www.anvilsecure.com/blog/dhcp-games-with-smart-router-devices.html
I normally had a USB external HDD attached, but I've removed that for now as there's a specific vulnerability to the NAS side of this stuff as well as harddrives. I'd guess someone could possibly intercept CUPS printer stuff too, but this overall seems like a big deal and also not all that new? There were theoretical discussions back to the 90's discussing these possibilities.
quote from the article above discussing how to exploit dhcp:RFC 2131 Dynamic Host Configuration Protocol March 1997
Unauthorized DHCP servers may be easily set up. Such servers can then send false and potentially disruptive information to clients such as incorrect or duplicate IP addresses, incorrect routing information (including spoof routers, etc.), incorrect domain nameserver addresses (such as spoof nameservers), and so on. Clearly, once this seed information is in place, an attacker can further compromise affected systems.
Malicious DHCP clients could masquerade as legitimate clients and retrieve information intended for those legitimate clients. Where dynamic allocation of resources is used, a malicious client could claim all resources for itself, thereby denying resources to legitimate clients.
There was another paragraph that mentioned Out of the box it would appear gargoyle is affected by this eh?Set up an OpenWRT-based smart router (OpenWRT Version 21.02.0-rc1) with a WAN configured to obtain an IP address via DHCP.
I'm guessing the only way around this is to ask very nicely for my ISP to assign a static IP to me so as to not have to worry about DHCP WAN side attacks?
Thoughts?