DHCP Spoofing

DHCP stands for “Dynamic Host Configuration Protcol”. It has been created to automatically assign IP addresses to any device that requests an IP address. A DHCP server allows devices to request IP addresses and networking parameters automatically, decreasing the need for a network administrator or a user to configure these settings manually. So when a new device connects to the network, the DHCP server would assign an IP address and the gateway.

The DHCP requests are made in the form of broadcasts. The purpose behind this attack is to send a reply to the victim machine before the real DHCP does. In case we are able to successfully accomplish this, we are able to manipulate the following things:
1. The IP address of the victim
2. Default gateway
3. DNS address

Since we are able to change the gateway, we can point the victim’s gateway to a fake IP address and therefore cause a Denial of Service (DoS) attack. In cases where we want to sniff the traffic, we can start a DHCP spoofing attack, and this can be done by changing the default gateway of the victim to our IP address and therefore be able to intercept all the traffic that the victim sends.

Related posts

How to Improve Your Cyber Resilience by Strengthening User Privileges

The Dark Side of Viral Content: How Negative Reviews Can Snowball

Testing Gaming Monetization: Walking the Line Between Profit and Player Experience