DHCP!

[Jeff Vian]

Nelson Guedes Paulo Junior wrote:

>Hi,
>
>I've copied my hard drive to another hard drive using dd. The machines
>are almost the same, but the first one was from another person. After
>  
>
I have seen problems doing this using dd.   If the hard disk is 
IDENTICAL it usually has no problem.  However, if they are not 
identical, the drive copied to becomes exactly like the one copied from. 
CHS and LBA become the same regardless of the actual physical size of 
the drive.  The partition table and the drive physical information are 
overwritten.

Better and more flexibility are achieved by using one of the 
backup/restore applications available such as mondoarchive that copies 
the data but does not overwrite the drive physical configuration.

>the copy, I've noticed that the machine was working in the network, wich
>seems impossible because I have a DHCP server witch atribute IP address per
>MAC address. 
>  
>
Not so impossible.  DHCP assigns an address to an adapter.   If the 
config is set to only allow handing out addresses to known and listed 
devices and to prevent handing out addresses to unknown MAC addresses, 
then yes it should not happen.  (see comments below)
The common config is to set the MAC address/IP address pairs for those 
such as servers that are wanted to have static IP, and to allow most 
others to get addresses in the range allowed.

>After that I've noticed that the file ifcfg-eth0 on my system had the followwing
>line:
>
>HWADDR=xx:xx:xx:xx:xx:xx
>  
>
This line specifies the specific device to be used.  It does not AFAIK 
physically change the MAC address, only ties that MAC address to the 
eth0 device.  Using the redhat-config-network tool will write this line 
with the MAC address ot the adapter that is installed.

>And the MAC in there, was the MAC of the NIC of the first machine, not
>the one I'm running now.
>
>My question is, it's not a security flaw let someone change the MAC that
>way???
>  
>
It can be a flaw if the line physically changes the MAC address reported 
to and used on the network.  See my comment above.  NOTE:  This file is 
written by and can only be modified by the root user on that PC.

With a reread of your comments above it seems the physical MAC address 
may be overlaid by the MAC address from the ifcfg-eth0 file.  That can 
provide a security risk, but must be evaluated in its impact.

It also can be of benefit in cases like you describe where the network 
is set for IP mapping to MAC and different hardware would have a 
different MAC and thus not allowed to connect via DHCP.  A copy of the 
config file would allow that one to connect anyway it seems.