DHCP/mDNS Injection Issues

In the previous post I’ve talked about how someone can poison local name servers (nasty things like registering a wpad name) through DHCP. In this post, I would like to draw your attention on various other injection issues that come into mind when we are dealing with that very same protocol. The reason for all these issues is because people tend to trust certain known protocols far too much than they should. [...]

more | comments | comments rss | posted by