DigitalOcean DNS/ARP Exposure

2 points by JosephRedfern ↗ HN
I'm not sure if this is an issue or not, but I noticed that running tcpdump on a DigitalOcean droplet shows you ARP and DNS requests. This lets you get a list of machines hosted by DigitalOcean... I might be way off here, but could this make DO vulnerable to ARP spoofing?

Made a quick video to demonstrate what I mean: http://www.youtube.com/watch?v=gmNaJCkGFOw

4 comments

[ 2.8 ms ] story [ 21.4 ms ] thread
It might be wise to contact DigitalOcean support (or on their forums) before posting this on a public forum that they probably will not read. Even if you are completely wrong, there is no problem in letting their support know.
I mentioned it on the DO IRC channel, apparently it's being looked into.
Just FYI, I think what you are seeing is normal and arp spoofing is still being blocked. (Open a ticket anyway, We're happy to give people free hosting credits for reporting bugs and security holes.)

-- Jeff Carr Chief Architect Digital Ocean Inc.

Cool, will do. I mentioned it on IRC, but I'll open a ticket too.

By the way - it's nice to see such a pro-active response from DO. Great work!