From the course: Cisco Network Security: Secure Routing and Switching
Unlock the full course today
Join today to access over 22,700 courses taught by industry experts or purchase this course individually.
DHCP spoofing
From the course: Cisco Network Security: Secure Routing and Switching
DHCP spoofing
- [Presenter] Dynamic Host Configuration Protocol dynamically assigns IP addresses. The four step process is discover, offer, request, and acknowledgment. When a host joins the network it doesn't have an IP address. So it begins the DHCP process by broadcasting a discover packet to the network. Because DHCP doesn't have a native authentication process, the client can be a victim of DHCP spoofing. The client may get an offer from the real DHCP server, but in addition it may also get an offer from a rogue DHCP server and it may accept that offer. When a client requests an IP address from a DHCP server, the client has no reassurance that the server is legitimate. In addition, the server has no way of knowing that the client requesting the address is a legitimate client on the network. Rogue clients and servers on a network can cause serious problems as they may be used in a Man in the Middle attack. The attacker configures the rogue server with bogus DNS server and default gateway IP…