Problems with Updates

Derek Broughton news at
Thu Oct 30 00:55:14 UTC 2008

Mario Vukelic wrote:

> On Tue, 2008-10-28 at 21:47 -0300, Derek Broughton wrote:
>> Of course - _every_ client opens a port.
> I should have phrased it more explicitly. If you read the thread (or
> even just the particular post I linked to) you will note that the point
> was that the dhcp client opens a UDP port.
> A client that listens on a TCP port knows who he is talking to and will
> only accept packets from that particular host. This is different for a
> UDP port, which the dhcp client listens on. That port will basically
> accept anything from the LAN that is sent to it.

I understand that, but I don't think it makes a huge deal of difference - if
the DHCP client only opened TCP ports, it would still be as vulnerable to a
compromised DHCP server.  I was actually thinking about a buggy DHCP
client, but really you don't even need that - if the DHCP server points you
to my pirate DNS server, I own your Internet.

More information about the ubuntu-users mailing list