[Bug 1176046] Re: isc-dhcp dhclient listens on extra random ports

Rodney Beede 1176046 at bugs.launchpad.net
Mon May 6 15:50:25 UTC 2013


I found the cause from a helpful thread at
http://forums.debian.net/viewtopic.php?f=10&t=95273

The NSUPDATE DNS functionality in dhclient automatically causes it to
listen on two random UDP ports.  This could pose a security issue since
the client will accept packets on these ports.

The current fix is to modify the source code to disable the
functionality as per the thread mentioned above.  Doing so stops it from
listening on the random ports.

I have filed a bug with ISC, bug number [ISC-Bugs #33377] asking for
documentation about this feature (none exists currently about why the
ports are opened) as well as a run-time configuration option with a
default value to disable it.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1176046

Title:
  isc-dhcp dhclient listens on extra random ports

Status in “isc-dhcp” package in Ubuntu:
  New

Bug description:
  Ubuntu 13.04 Server 64-bit.  Fresh install.  Only one network adapter.

  dhclient process is listening on two randomly chosen udp ports in
  addition to the usual port 68.  This appears to be a bug in the
  discovery code for probing information on interfaces in the system.

  Initial research of the code also suggested omapi, but adding omapi
  port 9999 to /etc/dhcp/dhclient.conf only opened a fourth port with the
  two random udp ports still enabled.

  Version of included distro dhclient was 4.2.4.  I also tested with the
  latest isc-dhclient-4.2.5-P1 and got the same results.

  Debian has the same bug:
  http://forums.debian.net/viewtopic.php?f=10&t=95273&p=495605#p495605

  One impact of these random ports is that security hardening becomes
  more difficult.  The purpose of these random ports and security
  implications are unknown.

  
  Example netstat -lnp  output:

  udp        0      0 0.0.0.0:21117           0.0.0.0:*                           2659/dhclient   
  udp        0      0 0.0.0.0:68              0.0.0.0:*                           2659/dhclient   
  udp6       0      0 :::45664                :::*                                2659/dhclient

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1176046/+subscriptions
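
An added example, not part of the original message or of ISC's code: a shell check that reads `netstat -lnp` output and reports dhclient UDP sockets bound to ports other than the expected ones, which is the condition this bug describes. The function names and the convention of passing allowed ports as arguments are this example's own; the sample rows are copied from the netstat output in the report.

```shell
#!/bin/sh
# Print "proto local_address pid" for every dhclient UDP socket whose port
# is not in the allowed list. Allowed ports are the arguments (default: 68).
# Pass 546 as well if a DHCPv6 client (dhclient -6) is expected on the host.
unexpected_dhclient_ports() {
    awk -v expected="${*:-68}" '
    BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) ok[e[i]] = 1 }
    $1 ~ /^udp/ {
        # UDP rows have no State column, so find the PID/Program field by
        # its shape instead of by a fixed column number.
        owner = ""
        for (i = 6; i <= NF; i++) if ($i ~ /^[0-9]+\//) { owner = $i; break }
        split(owner, p, "/")            # p[1] = pid, p[2] = program name
        if (p[2] != "dhclient") next
        port = $4
        sub(/.*:/, "", port)            # keep what follows the last colon
        if (!(port in ok)) print $1, $4, p[1]
    }'
}

# Sample input: the three rows from the bug report (trailing spaces removed).
sample_netstat() {
cat <<'EOF'
udp        0      0 0.0.0.0:21117           0.0.0.0:*                           2659/dhclient
udp        0      0 0.0.0.0:68              0.0.0.0:*                           2659/dhclient
udp6       0      0 :::45664                :::*                                2659/dhclient
EOF
}

# Live use (root is needed for netstat to show the owning process):
#   netstat -lnp | unexpected_dhclient_ports
sample_netstat | unexpected_dhclient_ports
```

An empty result means dhclient is listening only on the allowed ports, so the check can be run again after applying the source change mentioned above to confirm the extra sockets are gone.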



