Utilizes the DHCP Snooping binding database to validate subsequent requests from untrusted hosts.

To figure out how DHCP Snooping works, we must first understand the working mechanism of DHCP, which stands for Dynamic Host Configuration Protocol. With DHCP enabled, a network device without an IP address will "interact" with the DHCP server through 4 stages as follows.

DHCP Snooping generally classifies interfaces on the switch into two categories: trusted and untrusted ports, as shown in Figure 2. A trusted port is a port or source whose DHCP server messages are trusted. An untrusted port is a port from which DHCP server messages are not trusted. If DHCP Snooping is enabled, the DHCP offer message can only be sent through the trusted port. In the acknowledgment stage, a DHCP binding table will be created according to the DHCP ACK message. It records the MAC address of the host, the leased IP address, the lease time, the binding type, and the VLAN number and interface information associated with the host, as shown in Figure 3. If a subsequent DHCP packet received from untrusted hosts fails to match this information, it will be dropped.

Common Attacks Prevented by DHCP Snooping

DHCP Spoofing Attack

DHCP spoofing occurs when an attacker attempts to respond to DHCP requests and tries to list itself (spoof) as the default gateway or DNS server, hence initiating a man-in-the-middle attack.
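The trusted-port rule and the binding-table check described in this article can be modelled in a few lines. This is an added example, not code from the original page or from any switch vendor; it is a simplified model, and the class names, port names, MAC and IP addresses are constructed for illustration.

```python
from dataclasses import dataclass
SERVER_MSGS = {"OFFER", "ACK", "NAK"}  # only a DHCP server sends these

@dataclass(frozen=True)
class Binding:  # the fields the article lists for a binding-table entry
    mac: str
    ip: str
    lease_s: int
    binding_type: str
    vlan: int
    interface: str

class SnoopingSwitch:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)
        self.pending = {}   # client MAC -> (port, vlan) of its REQUEST
        self.bindings = {}  # client MAC -> Binding, created from ACKs

    def handle(self, port, vlan, msg):
        """Return 'forward' or 'drop' for one DHCP message seen on port."""
        kind, mac = msg["type"], msg["client_mac"]
        if kind in SERVER_MSGS:
            if port not in self.trusted:
                return "drop"  # server message from an untrusted port
            if kind == "ACK" and mac in self.pending:
                cport, cvlan = self.pending.pop(mac)
                self.bindings[mac] = Binding(mac, msg["ip"], msg["lease_s"],
                                             "dhcp-snooping", cvlan, cport)
            return "forward"
        if port in self.trusted:
            return "forward"
        known = self.bindings.get(mac)
        if known and (known.interface, known.vlan) != (port, vlan):
            return "drop"  # client packet contradicts the binding table
        if kind == "REQUEST":
            self.pending[mac] = (port, vlan)
        return "forward"

def demo():  # constructed message sequence; ports and addresses are made up
    sw, mac = SnoopingSwitch({"Gi0/24"}), "aa:bb:cc:00:00:01"
    m = lambda kind, **kw: {"type": kind, "client_mac": mac, **kw}
    verdicts = [
        sw.handle("Gi0/1", 10, m("DISCOVER")),
        sw.handle("Gi0/7", 10, m("OFFER", ip="10.0.10.66")),  # untrusted port
        sw.handle("Gi0/24", 10, m("OFFER", ip="10.0.10.5")),
        sw.handle("Gi0/1", 10, m("REQUEST")),
        sw.handle("Gi0/24", 10, m("ACK", ip="10.0.10.5", lease_s=86400)),
        sw.handle("Gi0/7", 10, m("RELEASE")),                 # wrong port
    ]
    return verdicts, sw.bindings[mac]
```

The OFFER arriving on the untrusted port and the RELEASE arriving on a port that does not match the binding are the two messages dropped; everything else is forwarded.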