
DHCP Starvation Attack

A DHCP starvation attack works by broadcasting DHCP requests with spoofed MAC addresses. This is easily achieved with attack tools such as gobbler. If enough requests are sent, the network attacker can exhaust the address space available to the DHCP servers for a period of time. A legitimate user who then requests an IP address via DHCP is denied and is not able to access the network. DHCP starvation may be purely a denial of service (DoS) mechanism, or it may be used in conjunction with a malicious rogue server attack to redirect traffic to a malicious computer ready to intercept it.

When the normal DHCP server is down, the network attacker can then set up a rogue DHCP server on his or her system and respond to new DHCP requests from clients on the network. An intruder may issue an address with DNS server information or default gateway information that redirects traffic to a computer under the control of the intruder.

DHCP Starvation Attack Mitigation

Limiting the number of MAC addresses allowed on a switch port reduces the risk of a DHCP starvation attack. When more systems implement RFC 3118, Authentication for DHCP Messages, DHCP starvation attacks will become more difficult.
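
The per-port MAC limit described above can also be used as a detection rule over DHCP logs. The following is an added example, not part of the original page; the event tuple format, the port names, the threshold and the window length are all assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque

# Assumed limits for illustration; tune to the access-port policy in use.
MAX_MACS_PER_PORT = 3
WINDOW_SECONDS = 60


def find_starving_ports(events, max_macs=MAX_MACS_PER_PORT, window=WINDOW_SECONDS):
    """Return {port: peak distinct client MACs} for every switch port that shows
    more than max_macs distinct DHCPDISCOVER source MACs in a sliding window.

    events: iterable of (timestamp_seconds, switch_port, client_mac, msg_type).
    """
    recent = defaultdict(deque)  # port -> (timestamp, mac) pairs still in window
    flagged = {}
    for ts, port, mac, msg_type in sorted(events):
        if msg_type != "DISCOVER":
            continue
        q = recent[port]
        q.append((ts, mac.lower()))  # normalise case so one MAC counts once
        while q and ts - q[0][0] > window:
            q.popleft()  # drop requests that have aged out of the window
        distinct = len({m for _, m in q})
        if distinct > max_macs:
            flagged[port] = max(flagged.get(port, 0), distinct)
    return flagged


def constructed_events():
    """Constructed sample data: two ordinary ports and one flooding port."""
    events = []
    # Gi0/1: one client retrying every 30 s, plus a second device.
    for i in range(4):
        events.append((i * 30, "Gi0/1", "00:11:22:33:44:55", "DISCOVER"))
    events.append((10, "Gi0/1", "00:11:22:33:44:66", "DISCOVER"))
    # Gi0/7: 20 different source MACs in 20 seconds (starvation pattern).
    for i in range(20):
        events.append((100 + i, "Gi0/7", f"02:00:00:00:00:{i:02x}", "DISCOVER"))
    # Gi0/9: five devices spread over ten minutes, never close together.
    for i in range(5):
        events.append((i * 120, "Gi0/9", f"00:aa:bb:cc:dd:{i:02x}", "DISCOVER"))
    return events


if __name__ == "__main__":
    for port, peak in find_starving_ports(constructed_events()).items():
        print(f"{port}: {peak} distinct client MACs within {WINDOW_SECONDS}s")
```

Only the flooding port is reported with the default limit; a port that sees many devices slowly over time stays below the threshold because old requests age out of the window.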

Related Terms: IPsec, IEEE 802.1x, VLAN, Spanning Tree Protocol