Difference between revisions of "DHCP spoof attack"
From Teknologisk videncenter
m (New page: A DHCP Spoof attack is a illegal DHCP server setup in a LAN environment which configures the clients with wrong IP information. The illegal DHCP server can configure the clients with it se...) |
m |
||
| Line 1: | Line 1: | ||
| − | A DHCP Spoof attack is a illegal DHCP server setup in a LAN environment which configures the clients with wrong IP information. The illegal DHCP server can configure the clients with it self as the default gateway, in which case all non-local traffic will be sent to the illegal DHCP server where the intruder can inspect or alter the packets before they are sent on to the real gateway. this is known as a ''man in the middle'' attack | + | A DHCP Spoof attack is a illegal DHCP server setup in a LAN environment which configures the clients with wrong IP information. The illegal DHCP server can configure the clients with it self as the default gateway, in which case all non-local traffic will be sent to the illegal DHCP server where the intruder can inspect or alter the packets before they are sent on to the real gateway. this is known as a ''man in the middle'' attack. |
| + | = Protecting against DHCP spoof attack = | ||
| + | On the ''access'' switches you can protect against spoofing | ||
| + | <pre> | ||
| + | ip dhcp spoofing | ||
| + | interface GigabitEthernet0/1 | ||
| + | description Trunk to Distribution layer and DHCP server | ||
| + | ip dhcp snooping trust | ||
| + | </pre> | ||
[[Category:Network]][[Category:Security]][[Category:CCNP]][[Category:CCNP3]] | [[Category:Network]][[Category:Security]][[Category:CCNP]][[Category:CCNP3]] | ||
Revision as of 07:35, 6 May 2009
A DHCP Spoof attack is a illegal DHCP server setup in a LAN environment which configures the clients with wrong IP information. The illegal DHCP server can configure the clients with it self as the default gateway, in which case all non-local traffic will be sent to the illegal DHCP server where the intruder can inspect or alter the packets before they are sent on to the real gateway. this is known as a man in the middle attack.
Protecting against DHCP spoof attack
On the access switches you can protect against spoofing
ip dhcp spoofing interface GigabitEthernet0/1 description Trunk to Distribution layer and DHCP server ip dhcp snooping trust