Re: un-hibernating laptop using old network settings

From: Marukka (Marukkaat_private)
Date: Wed Jul 04 2001 - 01:13:22 PDT


    At work I have frequent problems with DHCP within different networks
    (subnets) while using our WLAN which uses the same band for different
    subnets (don't ask me why, wasn't my choice). The gateway and DNS settings
    have nothing to do with each other and I know for sure that the DNS server
    IPs don't have to be assigned via DHCP and might have been entered
    manually. DHCP fixes the values if the lease expires; at work we use a 2 day
    lease and at home I use a 30 day lease but this could be anywhere from an hour
    to a few years depending on how the other site set up its DHCP server. If
    you awaken a trusted laptop in an untrusted zone you could get the IP
    addresses it would be trying to talk to and perhaps some interesting data if
    it was trying to multicast but this would most likely be a very rare case.
    Some of this is probably wrong since it's about 3:30 and I'm tired but the
    other people on the list should be able to give you better comments.
    
    On 7/2/01 12:09 AM, "Andrew Daviel" <andrewat_private> wrote:
    
    > 
    > Recently a laptop brought onsite here from another site triggered
    > an IDS alert.
    > 
    > It seems the laptop was placed in hibernate mode at
    > the other site then awakened on our network. It proceeded to use in-RAM
    > network settings and sent a flurry of DNS requests to offsite servers.
    > I believe it was running DHCP and don't fully understand how it was
    > able to find the new gateway without changing the DNS settings too.
    > 
    > Clearly laptops using static settings are going to use old values if
    > the owner forgets, but I thought DHCP fixed that.
    > 
    > I have a feeling that there might be more subtle security issues
    > relating to hibernating a system in a trusted environment and awakening it
    > in an untrusted one, apart from user education issues, but can't put my
    > finger on any just now.
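
The condition that raised the IDS alert in the quoted message (a host on the local wire sending a flurry of DNS requests to off-site servers), written out as detection logic over a sensor log. This is an added example, not part of the original thread; the log format, address ranges, resolver list, threshold and function names are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# All values below are constructed assumptions, not taken from the thread.
LOCAL_NET = ipaddress.ip_network("192.0.2.0/24")   # this site's address range
SANCTIONED = {ipaddress.ip_address("192.0.2.53")}  # resolver handed out by local DHCP
WINDOW, THRESHOLD = 60, 3                          # "flurry" = 3 queries within 60 s
# Constructed sensor log: "<epoch> <src> <dst> <dst_port> <proto>"
SAMPLE_LOG = """\
1000 192.0.2.10 192.0.2.53 53 udp
1001 192.0.2.77 198.51.100.5 53 udp
1002 192.0.2.77 198.51.100.6 53 udp
1003 192.0.2.77 198.51.100.5 53 udp
1004 192.0.2.20 203.0.113.9 53 udp
1200 192.0.2.20 203.0.113.9 53 udp
1400 192.0.2.20 203.0.113.9 53 udp
1005 203.0.113.44 203.0.113.9 53 udp
1006 203.0.113.44 203.0.113.9 53 udp
1007 203.0.113.44 203.0.113.9 53 udp
1008 192.0.2.10 198.51.100.5 443 tcp
truncated line
"""

def parse(line):
    """Return (ts, src, dst, port), or None for a malformed line."""
    try:
        ts, src, dst, port, _proto = line.split()
        return int(ts), ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
    except ValueError:  # wrong field count, bad number or bad address
        return None

def find_stale_dns_clients(log_text):
    """Map each flagged source to (off-site resolvers queried, source address is foreign)."""
    events = defaultdict(list)
    for ts, src, dst, port in filter(None, map(parse, log_text.splitlines())):
        # Keep only DNS queries leaving the site for a resolver we did not hand out.
        if port == 53 and dst not in SANCTIONED and dst not in LOCAL_NET:
            events[src].append((ts, str(dst)))
    flagged = {}
    for src, hits in events.items():
        hits.sort()
        start = 0
        for end, (ts, _) in enumerate(hits):
            while ts - hits[start][0] > WINDOW:  # slide the window forward
                start += 1
            if end - start + 1 >= THRESHOLD:
                flagged[str(src)] = (sorted({d for _, d in hits}), src not in LOCAL_NET)
                break
    return flagged
```

A source address outside the local range is reported separately because it means the host kept its old address as well as its old resolvers.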
    



    This archive was generated by hypermail 2b30 : Wed Jul 04 2001 - 12:29:44 PDT