Lisa Bock shows how an attacker can use Yersinia’s rogue DHCP attack panel and launch a rogue DHCP server, and can be effective in a man-in-the-middle attack.
- [Narrator] When setting up a DHCP Server…you include information on the address pool,…exclusions, lease time,…and then you supply information for the client…on the IP address of the DNS server and default gateway.…When a client joins the network and requests an IP address,…the DHCP server supplies the information.…When an unauthorized or rogue server is on your network,…it can start supplying clients with bogus information…that points the victims to the wrong default gateway…and DNS server.…
The victim may be unaware…that they have the wrong information.…When the client has the wrong default gateway,…the attacker is essentially a man in the middle,…and can capture and sniff any traffic…destined to the gateway such as:…usernames and passwords sent in the clear,…and then they forward it to the real gateway.…In addition, an attacker can create a rogue DNS server,…so they can design a fishing website to send the client…in order to obtain confidential information such as:…credit cards and passwords.…
Yersinia has a Rogue DHCP attack panel.…
Note: The topics in this course will prepare you for key objectives on the Certified Ethical Hacker exam. Find an overview of the certification and the exam handbook at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Sniffing network traffic
- Passive vs. active attacks
- Comparing IPv4 to IPv6
- MAC and macof attacks
- Investigating DHCP attacks
- Detecting ARP and DNS spoofing
- Sniffing tools and techniques
Skill Level Beginner
1. Sniffing Overview
2. MAC Attacks
6. Sniffing Tools and Techniques
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.