DHCP Advertisement

raceman3

Technical User
May 14, 2003
27
US
We recently had our internet router scanned by a network security company and one of the potential security issues they saw was port 67 "dhcp" being advertised. I'm not sure why it is being advertised since I don't have it enabled anywhere in the config and bootp is specifically disabled. Any idea how to eliminate it?
 
It's not 'advertised' as such - what they mean is they did a port scan on your IP network or IP address (if you have a single device connected such as a firewall etc). When they tried to send a packet to UDP port 67 it was 'open' on your device; i.e. your device is 'listening' on that port. I assume you have a server connected and it is running DHCP but you haven't disabled that service on the ISP-facing NIC.

Andy
 
Thanks for the reply. Unfortunately a separate department handles the firewall & servers. Is there a way I can tell the router not to respond?
 
You could add an ACL to deny access to this (these) ports:

ip access-list extended STOP-DHCP
 deny udp any any range 67 68
 permit ip any any

I would assume, though, that you already have an ACL attached to your ISP-facing router, in which case you would need to add the deny statement to this ACL.

Andy
 
Did you specifically disable the DHCP service on the router?

No Service DHCP.

It's on by default.
 
Thanks, that's what I was trying to find. The only DHCP options I was able to locate before were under config ip and there wasn't an option to turn it off. This works.
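
The two fixes discussed in this thread can be checked offline against a saved running-config. The following is an added example, not code from any poster: it reports interfaces where UDP 67 stays reachable because `no service dhcp` is absent and the inbound ACL does not deny the port before a permit matches. The sample config, the interface names and the ACL name INTERNET-IN are constructed for illustration.

```python
import re

# Constructed sample running-config, not taken from the thread's router.
SAMPLE = """\
no ip bootp server
interface Serial0/0
 ip access-group INTERNET-IN in
interface Serial0/1
 ip access-group STOP-DHCP in
ip access-list extended INTERNET-IN
 permit ip any any
 deny udp any any range bootps bootpc
ip access-list extended STOP-DHCP
 deny udp any any range 67 68
 permit ip any any
"""

def dhcp_service_enabled(cfg):  # on by default; off only when explicitly negated
    return re.search(r"^no service dhcp\s*$", cfg, re.M | re.I) is None

def acls_blocking_67(cfg):
    """Extended ACLs whose first entry matching UDP 67 is a deny (first match wins)."""
    cfg = cfg.replace("bootps", "67").replace("bootpc", "68")  # names IOS prints
    verdict, name = {}, None
    for line in cfg.splitlines():
        head = re.match(r"ip access-list extended (\S+)", line)
        name = head.group(1) if head else name if line.startswith(" ") else None
        m = re.match(r"\s+(permit|deny)\s+(?:ip|udp) any any"
                     r"(?: eq (\d+)| range (\d+) (\d+))?\s*$", line)
        if not m or name is None or name in verdict:
            continue
        action, eq, lo, hi = m.groups()
        if eq and int(eq) != 67 or lo and not int(lo) <= 67 <= int(hi):
            continue  # entry does not cover port 67
        verdict[name] = action == "deny"
    return {n for n, denied in verdict.items() if denied}

def exposed_interfaces(cfg):
    """Interfaces where UDP 67 is reachable: service on, no inbound ACL dropping it."""
    if not dhcp_service_enabled(cfg):
        return []
    blocking, inbound, iface = acls_blocking_67(cfg), {}, None
    for line in cfg.splitlines():
        m = re.match(r"interface (\S+)", line)
        g = re.match(r"\s+ip access-group (\S+) in\s*$", line)
        iface = m.group(1) if m else iface if line.startswith(" ") else None
        if iface:
            inbound[iface] = g.group(1) if g else inbound.get(iface)
    return sorted(i for i, acl in inbound.items() if acl not in blocking)
```

In the sample, `no ip bootp server` is present yet Serial0/0 is still reported, because the service was never negated and the deny entry in INTERNET-IN sits behind a `permit ip any any`.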
 