Reply to post:

You can hijack Google Cloud VMs using DHCP floods, says this guy, once the stars are aligned and...

Simon Hobson Silver badge

"Oh look, new version of ancient and well known weakness 'invented'"

That's a summary of the article. It was known decades ago that things could be subverted by the simple act of running a rogue DHCP server on a network. There are ways of mitigating that risk - one being to filter DHCP packets at the switch level (why aren't Google doing this?) so that the rogue server can't get packets to clients; another is to simply monitor the network and manually locate and "terminate with malice" any rogue server; and another is to use secured messages (but that requires pre-configuration of the client which partially defeats the object of DHCP). It's also been known for decades that you can substitute a DHCP packet flood for running an actual service.

So yes, it's a known and solved problem - the only "news" is that in the 21st century it's a problem on a service run by an outfit that you'd think was big enough to employ grown ups to run the networks. The fact that there's weak randomisation involved is pretty well irrelevant - that's really only a mild protection for "idiots didn't do any of the above well known network level defences" and hence allow DHCP "server" packets to come from a device that isn't an authorised DHCP server.
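
Added example, not part of the comment above and not code from The Register or Google: a minimal Python sketch of the "monitor the network" defence, flagging DHCP server messages (OFFER, ACK, NAK) whose source or server identifier is not on an allow-list, which is the same decision a switch-level DHCP filter makes per port. The allow-list address, function names and sample packets are assumptions constructed for illustration.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
SERVER_TYPES = {2: "OFFER", 5: "ACK", 6: "NAK"}  # DHCP message types only a server sends
AUTHORISED = {"10.0.0.1"}  # assumption: the site's legitimate DHCP server(s)

def parse_options(data):
    """Walk the TLV options field and return {code: value}; stop on truncation."""
    opts, i = {}, 0
    while i < len(data) and data[i] != 255:      # 255 = end option
        if data[i] == 0:                         # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            break                                # truncated option
        opts[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return opts

def check_packet(src_ip, payload, authorised=AUTHORISED):
    """Return an alert string for a server message from an unauthorised source, else None."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        return None                              # not a DHCP message
    opts = parse_options(payload[240:])
    mtype = opts[53][0] if opts.get(53) else 0   # option 53 = DHCP message type
    if payload[0] != 2 and mtype not in SERVER_TYPES:
        return None                              # client-side message (DISCOVER, REQUEST, ...)
    server_id = socket.inet_ntoa(opts[54]) if len(opts.get(54, b"")) == 4 else None
    if src_ip in authorised and server_id in authorised | {None}:
        return None
    return (f"rogue DHCP {SERVER_TYPES.get(mtype, 'BOOTREPLY')} from {src_ip} "
            f"(server-id {server_id}, xid {int.from_bytes(payload[4:8], 'big'):#010x})")

def build_message(op, xid, mtype, server_id=None):
    """Construct a minimal DHCP payload for the samples below (test data only)."""
    header = struct.pack("!BBBBIHH16s16s64s128s", op, 1, 6, 0, xid, 0, 0,
                         bytes(16), b"\xaa\xbb\xcc\x00\x00\x01", b"", b"")
    opts = bytes([53, 1, mtype]) + (bytes([54, 4]) + socket.inet_aton(server_id) if server_id else b"")
    return header + MAGIC_COOKIE + opts + b"\xff"

# Constructed sample traffic: (source IP seen by the sensor, UDP payload)
SAMPLES = [
    ("10.0.0.1", build_message(2, 0x1234, 2, "10.0.0.1")),    # OFFER from the real server
    ("10.0.0.77", build_message(2, 0x1234, 5, "10.0.0.77")),  # ACK from an ordinary host
    ("0.0.0.0", build_message(1, 0x1234, 1)),                 # client DISCOVER, ignored
]
ALERTS = [a for ip, p in SAMPLES if (a := check_packet(ip, p))]
print("\n".join(ALERTS))
```

A sensor like this only detects; source addresses can be forged, so per-port filtering at the switch remains the stronger control.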
