Rogue DHCP Server | Man-in-the-Middle Attack



NEW DISCORD SERVER: https://certbros.com/discord

————————————————————————————————————— –~–
MY FULL CCNA COURSE
πŸ“Ή Register your interest – https://www.certbros.com/Course-Interest

HOW TO PASS THE CCNA
πŸ“š Get a great book – https://amzn.to/3f16QA5
πŸ“Ή Take a video course – https://www.certbros.com/Course-Interest
βœ” Use practice exams – https://www.certbros.com/ccna/Exsim

SKILLSHARE COURSES
Landing your dream job takes more than just technical skills. Skillshare is a great place to learn all the soft skills you need to be successful. Use the below link for a free 14-day trial.
πŸ“Ί https://skillshare.eqcm.net/vnzRkO

THE SOFTWARE I USE TO MAKE VIDEOS
πŸ—― Animations – https://www.certbros.com/AfterEffects
πŸ“Ί Video editing – https://www.certbros.com/PremierPro

SOCIAL
🐦 Twitter – https://twitter.com/certbros
πŸ“Έ Instagram – https://www.instagram.com/certbros
πŸ‘” LinkedIn – https://www.linkedin.com/company/certbros

Disclaimer: These are affiliate links. If you purchase using these links, I’ll receive a small commission at no extra charge to you.

—————————————————————————————————————

Before we start, I need to stress that this video is for informational purposes only. If you know how these attacks work, then you can better defend against them. Do not try this on any system that you do not own or have permission to do so.

DHCP, or Dynamic Host Configuration Protocol, is used to assigned IP address information to computers automatically within a network.

By default, the network is very trusting of any computer claiming to be a DHCP server. Attackers can use this trust to perform a malicious man-in-the-middle attack called Rough DHCP Server or DHCP Spoofing.

This is done by an attacker claiming to be a DHCP server and replying to DHCP messages. The idea is that the rogue DHCP server will assign IP address information but listing itself as the default gateway. This means all traffic destined for the default gateway can be read by the attacker.

In a corporate network, this attack can be avoided by using a feature called DHCP snooping. DHCP snooping is where a switch will drop frames claiming to be a DHCP server on any interface that isn’t manually configured as trusted.

source