- In computer networking, DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure. When DHCP servers are allocating IP addresses to the clients on the LAN, DHCP snooping can be configured on LAN switches to prevent malicious or malformed DHCP traffic, or rogue DHCP servers.
https://en.wikipedia.org/wiki/DHCP_snooping
- 1. What is DHCP snooping?
DHCP snooping is a layer 2 security technology built into the operating system of a capable network switch that drops DHCP traffic determined to be unacceptable. The fundamental use case for DHCP snooping is to prevent unauthorized (rogue) DHCP servers offering IP addresses to DHCP clients.
Rogue DHCP servers are often used in man-in-the-middle or denial-of-service attacks for malicious purposes. However, the most common DoS scenario is that of an end-user plugging in a consumer-grade router at their desk, ignorant that the device they plugged in is a DHCP server by default.
2. What traffic will DHCP snooping drop?
DHCP snooping will drop DHCP messages from a DHCP server that
DHCP messages where the source MAC and embedded client hardware MAC do not match will also
DHCP snooping will also drop messages that release a lease or decline an offer,
3. How does DHCP snooping track information?
DHCP snooping stores its observations in a database containing the client MAC address, DHCP assigned IP address, remaining lease time, VLAN, and
https://packetpushers.net/five-things-to-know-about-dhcp-snooping/
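The three drop rules and the binding database from the excerpt above can be modelled in a few lines. This is an added example, not code from the quoted articles or from any switch vendor. It assumes the usual trusted/untrusted port split and that each binding also records the client's ingress port, neither of which the excerpt states; the `Frame` fields, port names, MACs and IP addresses are constructed sample values.

```python
from dataclasses import dataclass

DISCOVER, OFFER, REQUEST, DECLINE, ACK, NAK, RELEASE = range(1, 8)  # DHCP option 53

@dataclass
class Frame:              # constructed, simplified view of one DHCP frame
    port: str             # switch port the frame arrived on
    vlan: int
    src_mac: str          # Ethernet source MAC
    chaddr: str           # client hardware MAC embedded in the DHCP payload
    msg_type: int
    yiaddr: str = ""      # address assigned by the server (OFFER/ACK)
    lease: int = 0        # lease time in seconds

class Snooper:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)  # assumption: ports facing the real server
        self.bindings = {}                 # chaddr -> ip, lease, vlan, port
        self.pending = {}                  # chaddr -> (port, vlan) of the client's request

    def inspect(self, f):
        if f.msg_type in (OFFER, ACK, NAK):            # server-originated
            if f.port not in self.trusted:
                return "drop: server message on untrusted port"
            if f.msg_type == ACK and f.chaddr in self.pending:
                port, vlan = self.pending.pop(f.chaddr)
                self.bindings[f.chaddr] = dict(ip=f.yiaddr, lease=f.lease, vlan=vlan, port=port)
            return "forward"
        if f.port in self.trusted:                     # client traffic, trusted side
            return "forward"
        if f.src_mac != f.chaddr:
            return "drop: source MAC and chaddr differ"
        binding = self.bindings.get(f.chaddr)
        if f.msg_type in (RELEASE, DECLINE) and binding:
            if binding["port"] != f.port:              # assumption: binding stores the port
                return "drop: release/decline from another port"
            del self.bindings[f.chaddr]
        elif f.msg_type in (DISCOVER, REQUEST):
            self.pending[f.chaddr] = (f.port, f.vlan)
        return "forward"

def demo():  # constructed exchange; returns the verdict per frame and the binding table
    s, a, b = Snooper({"Gi0/24"}), "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02"
    frames = [Frame("Gi0/1", 10, a, a, REQUEST),
              Frame("Gi0/5", 10, b, a, OFFER, "192.168.1.50", 600),   # rogue server
              Frame("Gi0/24", 10, b, a, ACK, "10.0.10.20", 3600),     # real server
              Frame("Gi0/7", 10, a, a, RELEASE),                      # wrong port
              Frame("Gi0/7", 10, b, a, DISCOVER)]                     # MAC mismatch
    return [s.inspect(f) for f in frames], s.bindings
```

The binding survives the forged release because the verdict is decided before the table is touched; only a release arriving on the port recorded in the binding removes the entry.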