Package: isc-dhcp-server Version: 4.2.2.dfsg.1-5+deb70u6 Severity: important Tags: security
Actually, there are two issues: 1) dhcpd is listening on random port (UDP) for all interfaces, no configuration option or CLI switch can fix with this situation. 2) moreover, dhcpd is listening for UDPv6 too, even if you include -4 option for dhcpd: $ cat /etc/default/isc-dhcp-server | sed '/^$/d;/^#/d' INTERFACES="br0" OPTIONS="-4" $ ps w 15686 PID TTY STAT TIME COMMAND 15686 ? Ss 0:00 /usr/sbin/dhcpd -q -4 -cf /etc/dhcp/dhcpd.conf -pf /var/run/dhcpd.pid br0 $ netstat -tulp [...] udp 0 0 *:9922 *:* 15686/dhcpd udp 0 0 home.test:domain *:* 4832/named udp 0 0 home.test:bootps *:* 15686/dhcpd udp6 0 0 [::]:37045 [::]:* 15686/dhcpd PS: See also http://forums.debian.net/viewtopic.php?f=10&t=95273 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
