[pkg-dhcp-devel] Bug#712503: dhcpd is listening on random port for all interfaces
Sergey B Kirpichev
skirpichev at gmail.com
Sun Jun 16 14:42:29 UTC 2013
Package: isc-dhcp-server
Version: 4.2.2.dfsg.1-5+deb70u6
Severity: important
Tags: security
Actually, there are two issues:
1) dhcpd is listening on a random port (UDP) for all interfaces; no
configuration option or CLI switch can fix this situation.
2) moreover, dhcpd is listening for UDPv6 too, even if you include the -4
option for dhcpd:
$ cat /etc/default/isc-dhcp-server | sed '/^$/d;/^#/d'
INTERFACES="br0"
OPTIONS="-4"
$ ps w 15686
PID TTY STAT TIME COMMAND
15686 ? Ss 0:00 /usr/sbin/dhcpd -q -4 -cf /etc/dhcp/dhcpd.conf -pf /var/run/dhcpd.pid br0
$ netstat -tulp
[...]
udp 0 0 *:9922 *:* 15686/dhcpd
udp 0 0 home.test:domain *:* 4832/named
udp 0 0 home.test:bootps *:* 15686/dhcpd
udp6 0 0 [::]:37045 [::]:* 15686/dhcpd
PS: See also http://forums.debian.net/viewtopic.php?f=10&t=95273
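
A check for the condition reported above, as an added example that is not part of the original message or of the isc-dhcp-server package: it reads netstat output and flags UDP sockets of dhcpd that are bound to a wildcard address on a port other than the DHCP service ports, and any udp6 socket when the daemon was started with -4. The function names and finding labels are assumptions; the sample lines are the ones quoted in the report.

```shell
#!/bin/sh
# Added example (not from the report or the isc-dhcp-server package).
# Reads `netstat -ulp` or `netstat -ulpn` lines on stdin and reports UDP
# sockets of one daemon that its configuration does not explain.
#   $1  program name to audit (default: dhcpd)
#   $2  "4" if the daemon was started with -4 (then any udp6 socket is a finding)
audit_udp_listeners() {
    awk -v proc="${1:-dhcpd}" -v v4only="${2:-}" '
    $1 ~ /^udp/ && $NF ~ ("/" proc "$") {
        laddr = $4
        # Split at the last colon: IPv6 addresses contain colons themselves.
        port = laddr; sub(/^.*:/, "", port)
        addr = laddr; sub(/:[^:]*$/, "", addr)
        wildcard = (addr == "*" || addr == "0.0.0.0" || addr == "::" || addr == "[::]")
        # DHCP service ports, by name (netstat without -n) or number (with -n).
        service = (port ~ /^(bootps|bootpc|dhcpv6-server|dhcpv6-client|67|68|547|546)$/)
        if ($1 == "udp6" && v4only == "4")
            print "IPV6_DESPITE_V4 " laddr
        else if (wildcard && !service)
            print "WILDCARD_UNEXPECTED_PORT " laddr
    }'
}

# Sample input: the netstat lines quoted in the report.
sample_netstat() {
    cat <<'EOF'
udp 0 0 *:9922 *:* 15686/dhcpd
udp 0 0 home.test:domain *:* 4832/named
udp 0 0 home.test:bootps *:* 15686/dhcpd
udp6 0 0 [::]:37045 [::]:* 15686/dhcpd
EOF
}

# Live use (as root, so -p can show program names):
#   netstat -ulpn | audit_udp_listeners dhcpd 4
sample_netstat | audit_udp_listeners dhcpd 4
```

Run from cron or a monitoring agent, an empty result means every dhcpd UDP socket is either bound to a specific address or sits on a DHCP service port.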