Rogue DHCP

Rogue DHCP

A rogue DHCP server is a DHCP server on a network which is not under the administrative control of the network staff. It is usually a network device such as a modem or a router connected to the network by a user unaware of the consequences of his actions, though it can also be knowingly used for network attacks such as man in the middle.

As clients connect to the network, both the rogue and legal DHCP server will offer them IP addresses as well as default gateway, DNS servers, WINS servers, among others. If the information provided by the rogue DHCP differs from the real one, clients accepting IP addresses from it may experience network access problems, including speed issues as well as inability to reach other hosts because of incorrect IP network or gateway. In addition, if a rogue DHCP is set to provide as default gateway an IP address of a machine controlled by a misbehaving user, he can sniff all the traffic sent by the clients to other networks, violating network security policies as well as user privacy (see man in the middle).

Rogue DHCP servers can be stopped by means of intrusion detection systems with appropriate signatures as well as by some multilayer switches, which can be configured to drop the packets.

Rogue DHCP servers can be detected usingJoel Dubin [http://searchsecurity.techtarget.com/expert/KnowledgebaseAnswer/0,289625,sid14_gci1174495,00.html Detect rogue DHCP servers, routers and NICs on a network] ] :
* [http://www.net.princeton.edu/software/dhcp_probe/ dhcp_probe] (UNIX)
* [http://technet2.microsoft.com/WindowsServer/en/library/8fa42e83-ec08-4a9b-9057-8909f7ed433e1033.mspx dhcploc.exe] (Win32) in ResourceKit

* [http://www.sqlsecurity.com/Tools/CommercialTools/tabid/71/Default.aspx DHCP Sentry] (Win32) - DHCP Sentry tool
* [http://trac.secdev.org/scapy/wiki/IdentifyingRogueDHCPServers Scapy] (Python)

References


Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Rogue DHCP — Ein rogue DHCP Server stört den Betrieb eines mittels DHCP verwalteten lokalen Netzwerks. Er agiert als eigenständiger Server, der neben dem im Netzwerk vorgesehen Server existiert. Ein rogue DHCP Server kann für Angriffe auf ein Netzwerk… …   Deutsch Wikipedia

  • DHCP — (Dynamic Host Configuration Protocol) Familie: Internetprotokollfamilie Einsatzgebiet: Automatischer Bezug von IP Adressen und weiteren Parametern Ports: 67/UDP (Server oder Relay Agent) 68/UDP (Client) DHCP im TCP/IP‑Protokollstapel: Anwendung… …   Deutsch Wikipedia

  • DHCP-Server — DHCP (Dynamic Host Configuration Protocol) Familie: Internetprotokollfamilie Einsatzgebiet: Automatischer Bezug von IP Adressen und weiteren Parametern Ports: 67/UDP (Server oder Relay Agent) 68/UDP (Client) DHCP im TCP/IP‑Protokollstapel:… …   Deutsch Wikipedia

  • Peg DHCP — is a method defined in RFC 2322 to assign IP addresses in a context where regular DHCP wouldn t work. The server hands out wooden clothes pegs numbered with the IPs to allocate and an additional leaflet with network information. The client ,… …   Wikipedia

  • DHCPv6 — DHCP (Dynamic Host Configuration Protocol) Familie: Internetprotokollfamilie Einsatzgebiet: Automatischer Bezug von IP Adressen und weiteren Parametern Ports: 67/UDP (Server oder Relay Agent) 68/UDP (Client) DHCP im TCP/IP‑Protokollstapel:… …   Deutsch Wikipedia

  • Leasezeit — DHCP (Dynamic Host Configuration Protocol) Familie: Internetprotokollfamilie Einsatzgebiet: Automatischer Bezug von IP Adressen und weiteren Parametern Ports: 67/UDP (Server oder Relay Agent) 68/UDP (Client) DHCP im TCP/IP‑Protokollstapel:… …   Deutsch Wikipedia

  • RFC 2131 — DHCP (Dynamic Host Configuration Protocol) Familie: Internetprotokollfamilie Einsatzgebiet: Automatischer Bezug von IP Adressen und weiteren Parametern Ports: 67/UDP (Server oder Relay Agent) 68/UDP (Client) DHCP im TCP/IP‑Protokollstapel:… …   Deutsch Wikipedia

  • Dynamic Host Configuration Protocol — DHCP redirects here. For other uses, see DHCP (disambiguation). A DHCP Server settings tab The Dynamic Host Configuration Protocol (DHCP) is a network configuration protocol for hosts on Internet Protocol (IP) networks. Computers that are… …   Wikipedia

  • Dynamic Host Configuration Protocol — DHCP (Dynamic Host Configuration Protocol) Familie: Internetprotokollfamilie Einsatzgebiet: Automatischer Bezug von IP Adressen und weiteren Parametern Ports: 67/UDP (Server oder Relay Agent) 68/UDP (Client) DHCP im TCP/IP‑Protokollstapel:… …   Deutsch Wikipedia

  • Point-to-Point Protocol over Ethernet — PPPoE, Point to Point Protocol over Ethernet, is a network protocol for encapsulating Point to Point Protocol (PPP) frames inside Ethernet frames. It is used mainly with ADSL services where individual users connect to the ADSL transceiver (modem) …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”