Re: (ASCEND) DHCP Spoofing/P75 Address Robbing

To: ascend-users@bungi.com
Subject: Re: (ASCEND) DHCP Spoofing/P75 Address Robbing
From: MMedwid@symantec.com (Michael Medwid)
Date: Tue, 4 Nov 1997 22:44:57 -0800
Sender: owner-ascend-users@max.bungi.com

     I forgot to mention the software rev which gives this error is 5.1AP4. 
     I found that 5.0ai16 does not give this error.  However the original 
     address from the LAN based DHCP server remains in the Win95 winipcfg 
     altho you can see that the gateway has changed.  At least with 5.0ai16 
     you can run winipcfg and click Renew All and you're in business.  But 
     with 5.1ap4 you have to reboot because ip gets shut down on that 
     interface.
     
     Michael Medwid
     Symantec Corp.


______________________________ Reply Separator _________________________________
Subject: (ASCEND) DHCP Spoofing/P75 Address Robbing
Author:  MMedwid@symantec.com (Michael Medwid) at Internet
Date:    11/4/97 5:33 PM


     I sent the following message to one of our VIPs in response to a 
     problem he was having bringing his laptop computer home from the 
     office.  He has a routing/NAT using/DHCP spoofing P75 at home.  
     I wondered if anyone else had ever seen this issue...
     
     
     ---
     Bob,
     
     I was able to replicate your IP conflict message when taking a laptop 
     that had been issued an IP address by the LAN based DHCP server and 
     putting that on the home network with a Pipeline 75.  The error message 
     on my laptop is "The system has detected a conflict for 155.64.36.239 
     with 00:C0:7B:71:6E:1A".   
     
     It turns out that 00:C0:7B:71:6E:1A is the mac address of the 
     pipeline.  I ran show arp on the Pipeline and sure enough - the only 
     entry was 155.64.36.236 associated with 00:C0:7B:71:6E:1A on ie0.  The 
     Pipeline had appropriated the IP address associated the laptop's nic 
     (!).  After running winipcfg and releasing the address and rebooting 
     the laptop, everything came up ok (of course we already knew it 
     would).  Unfortunately just clicking "renew" would not work because by 
     that point Win95 had shut down IP on the ethernet interface.  
     
     It looks like a bug with DHCP spoofing on the Pipeline.  I upgraded 
     the code on a Pipeline to the latest version to see if perhaps the 
     issue had been addressed in the intervening months since we first 
     rolled out the routed Pipelines.  But it was to no avail.  
     
     The best advice I can give at this point is to release the IP address 
     using winipcfg right before shutting down for the day.  That should 
     allow you to get up on the first try when you put the laptop on the 
     home network.  Meanwhile I have alerted Ascend of the bug and I'm 
     reiterating the point in this message.  
     
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com 
To get FAQ'd:   <http://www.nealis.net/ascend/faq>

Received: from Mailer.symantec.com (198.6.49.5) by smtp-ima.symantec.com with
SMTP
  (IMA Internet Exchange 2.11 Enterprise) id 00017B8D; Tue, 4 Nov 97 19:08:43
-0800
Received: from max.bungi.com (max.bungi.com [207.126.97.7]) by
Mailer.symantec.com (8.8.4/8.7.6) with ESMTP id TAA28703 for
<MMedwid@symantec.com>; Tue, 4 Nov 1997 19:10:30 -0800 (PST)
Received: (from majordom@localhost)
	by max.bungi.com (8.8.7/8.8.7) id RAA00703
	for ascend-users-outgoing; Tue, 4 Nov 1997 17:37:14 -0800 (PST)
X-Authentication-Warning: max.bungi.com: majordom set sender to
owner-ascend-users using -f
Received: from daver.bungi.com (daver.bungi.com [207.126.97.2])
	by max.bungi.com (8.8.7/8.8.7) with ESMTP id RAA00698
	for <ascend-users@max.bungi.com>; Tue, 4 Nov 1997 17:37:10 -0800 (PST)
Received: from lserver.symantec.com(really [198.6.49.6]) by daver.bungi.com
	via sendmail with esmtp
	id <m0xSuP6-000074C@daver.bungi.com>
	for <ascend-users@bungi.com>; Tue, 4 Nov 1997 17:37:08 -0800 (PST)
	(Smail-3.2.0.94 1997-Apr-22 #8 built 1997-Jun-19)
Received: from smtp-ima.symantec.com (host13-sub76.symantec.com [155.64.76.13])
by lserver.symantec.com (8.8.4/8.7.6) with SMTP id RAA10239 for
<ascend-users@bungi.com>; Tue, 4 Nov 1997 17:45:30 -0800 (PST)
Received: from ccMail by smtp-ima.symantec.com
  (IMA Internet Exchange 2.11 Enterprise) id 0001787D; Tue, 4 Nov 1997 17:38:46
-0800
Mime-Version: 1.0
Date: Tue, 4 Nov 1997 17:33:48 -0800
Message-ID: <0001787D.3152@symantec.com>
From: MMedwid@symantec.com (Michael Medwid)
Subject: (ASCEND) DHCP Spoofing/P75 Address Robbing
To: ascend-users@bungi.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Description: cc:Mail note part
Sender: owner-ascend-users@max.bungi.com
Precedence: bulk

Prev by Date: Re: (ASCEND) re: Ascend's Comedy Voice-Mail
Next by Date: (ASCEND) Firmware for MAX 1800
Prev by thread: (ASCEND) DHCP Spoofing/P75 Address Robbing
Next by thread: RE: (ASCEND) DHCP Spoofing/P75 Address Robbing
Index(es):
- Main
- Thread