by agwa 773 days ago
Whoops, I posted too early in the morning, I meant to say "malicious subnet mask" :-)

Basically, the DHCP server sends a subnet mask for an absolutely huge subnet (e.g. a /2), and the route for that subnet takes precedence over the VPN route. The attacker can only intercept 25% of the IPv4 address space with a /2 but that's still pretty bad.

1 comments
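The route-precedence effect described in the comment above, as an added example that is not part of the original thread. It assumes a VPN client that installs two /1 routes on a hypothetical `tun0` interface; the addresses, interface names and the `min_prefix` policy threshold are constructed for illustration.

```python
import ipaddress

def lan_route(client_ip, netmask):
    """On-link network a DHCP client derives from its leased address and mask."""
    return ipaddress.ip_interface(f"{client_ip}/{netmask}").network

def build_table(client_ip, netmask):
    """Constructed routing table: the lease's on-link route plus assumed VPN routes."""
    return [
        (lan_route(client_ip, netmask), "eth0 (local network)"),
        (ipaddress.ip_network("0.0.0.0/1"), "tun0 (VPN)"),    # assumed VPN route
        (ipaddress.ip_network("128.0.0.0/1"), "tun0 (VPN)"),  # assumed VPN route
    ]

def egress(table, dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, via) for net, via in table if addr in net]
    return max(matches, key=lambda r: r[0].prefixlen)[1]

def ipv4_share(client_ip, netmask):
    """Fraction of the IPv4 address space covered by the lease's on-link route."""
    return lan_route(client_ip, netmask).num_addresses / 2**32

def lease_is_suspicious(client_ip, netmask, min_prefix=16):
    """Defensive check: flag a lease whose mask is wider than local policy allows."""
    return lan_route(client_ip, netmask).prefixlen < min_prefix

if __name__ == "__main__":
    # Constructed leases: an ordinary /24 and the /2 from the comment.
    for mask in ("255.255.255.0", "192.0.0.0"):
        table = build_table("10.0.0.50", mask)
        print(f"mask {mask}: on-link {lan_route('10.0.0.50', mask)}, "
              f"share {ipv4_share('10.0.0.50', mask):.2%}, "
              f"suspicious={lease_is_suspicious('10.0.0.50', mask)}")
        for dst in ("8.8.8.8", "93.184.216.34"):
            print(f"  {dst} -> {egress(table, dst)}")
```

With the /2 mask, 8.8.8.8 falls inside the on-link network and leaves by the local interface, while 93.184.216.34 lies outside it and still uses the VPN.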

Clever, thanks!