[RndTbl] Shaw DHCP weirdness or attack?
Colin Stanners
cstanners at gmail.com
Wed Dec 5 09:21:06 CST 2012
That's a strange issue - which version of dhclient is it? Shaw may be
doing something creative on their network that dhclient needs to be
configured more openly to accept.
Also, Trevor, you're alive! I had sent a few e-mails to different
addresses when organizing the bad capacitor night at Skullspace and
assumed you had been absorbed into the tubes.
On 12/5/12, Trevor Cordes <trevor at tecnopolis.ca> wrote:
> Starting Nov 29 04:16:10 I start seeing a new error in my /v/l/messages
> from dhclient (the DHCP client for my Shaw internet connection):
>
> Nov 29 04:16:10 pog dhclient[1271]: parse_option_buffer: malformed option
> dhcp.fqdn (code 81): option length exceeds option buffer length.
>
> And it repeats every 30-39s for hours, then sometimes stops for a while.
> Sometimes skips a day but then starts up again.
>
> Is someone trying a known DHCP buffer overflow attack on my Shaw segment
> or is this something legit that Shaw is passing out that linux doesn't
> understand? I know what fqdn means, though why it should exceed buffer
> limits is beyond me.
>
> Can others check their logs and see if they're getting this too?
>
> There was 1 other weird dhclient error before this started:
> Nov 27 06:52:55 pog dhclient[1271]: parse_option_buffer: malformed option
> dhcp.uap-servers (code 98): option length exceeds option buffer length.
> _______________________________________________
> Roundtable mailing list
> Roundtable at muug.mb.ca
> http://www.muug.mb.ca/mailman/listinfo/roundtable
>
More information about the Roundtable
mailing list