- Rogue DHCP
A rogue DHCP server is a DHCP server on a network which is not under the administrative control of the network staff. It is usually a network device such as a modem or a router connected to the network by a user unaware of the consequences of his actions, though it can also be knowingly used for network attacks such as
man in the middle .As clients connect to the network, both the rogue and legal DHCP server will offer them
IP address es as well as default gateway, DNS servers, WINS servers, among others. If the information provided by the rogue DHCP differs from the real one, clients accepting IP addresses from it may experience network access problems, including speed issues as well as inability to reach other hosts because of incorrect IP network or gateway. In addition, if a rogue DHCP is set to provide as default gateway an IP address of a machine controlled by a misbehaving user, he can sniff all the traffic sent by the clients to other networks, violating network security policies as well as user privacy (seeman in the middle ).Rogue DHCP servers can be stopped by means of
intrusion detection system s with appropriate signatures as well as by some multilayer switches, which can be configured to drop the packets.
Wikimedia Foundation. 2010.