DHCP spoofing is a type of attack in that the attacker listens for DHCP Requests from clients and answers them with fake DHCP Response before the authorized DHCP Response comes to the clients. The fake DHCP Response often gives its IP address as the client default gateway -> all the traffic sent from the client will go through the attacker computer, the attacker becomes a “man-in-the-middle”.
The attacker can have some ways to make sure its fake DHCP Response arrives first. In fact, if the attacker is “closer” than the DHCP Server then he doesn’t need to do anything. Or he can DoS the DHCP Server so that it can’t send the DHCP Response.
DHCP snooping is a security feature that can prevent DHCP spoofing attacks. DHCP snooping is a Cisco Catalyst feature that determines which switch ports can respond to DHCP requests. Ports are identified as trusted and untrusted.
Only ports that connect to an authorized DHCP server are trusted, and allowed to send all types of DHCP messages. All other ports on the switch are untrusted and can send only DHCP requests. If a DHCP response is seen on an untrusted port, the port is shut down.
» Tin mới nhất:
- HƯỚNG DẪN PHƯƠNG PHÁP KIỂM THỬ SCRUM (18/10/2020)
- Giới thiệu về AGILE TESTING (18/10/2020)
- Kỹ năng cá nhân đối với phân tích viên hệ thống (18/10/2020)
- Kỹ năng phân tích đối với phân tích viên hệ thống (18/10/2020)
- Thư viện liên kết động (18/10/2020)
» Các tin khác:
- Con người trong hệ cơ sở dữ liệu (17/10/2020)
- Ngôn ngữ hệ quản trị (17/10/2020)
- Quản lý các không gian bảng trong DB2 (11/10/2020)
- Không gian bảng trong DB2 (11/10/2020)
- Tạo một vùng đệm trong DB2 (18/09/2020)
- Mô hình lưu trữ của DB2 (18/09/2020)
- TEST ANALYSIS (18/09/2020)
- KIỂM THỬ REST API (P1) (18/09/2020)
- Assigning a Port to a VLAN (18/09/2020)
- Phép toán gán kết hợp trong C/C++ (18/09/2020)
