What is DHCP?
Dynamic Host Configuration Protocol ( DHCP ) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network.
DHCP work on DORA concept.
1. Client makes a UDP Broadcast to the server with a DHCP is cover, or Discover packet.
2. DHCP offers to the client. The server sends a DHCP Offer including other configuration parameters (DHCP Options) for the client per the servers configuration file
3. In response to the offer Client requests the server. The client replies DHCP Request, unicast to the server, requesting the offered address.
4.The server sends DHCP Ack acknowledging the request which is the clients final permission to take the address as offered. Before sending the ack the server double checks that the offered address is still available, that the parameters match the clients request and (if so) marks the address taken.
Attack on DHCP Server :-
Open the Kali Linux terminal and type the command root@kali:~yersinia -G to open the GUI interface of yersinia. Now click on the Launch Attack option and select the DHCP option. now select the Sending DISCOVER packet option for your attack.and click on the OK. now it will start the attack on DHCP server , it will send ton of packets on your DHCP server within second. With Yersinia , you are able to attack on CDP , DHCP , 802.1Q , 802.1X ,DTP , HSRP, ISL , STP and VTP protocols.
Countermeasures or Mitigation :-
You need to be enable DHCP Snooping on the CiscoSwitches:-
DHCP snooping allows the configuration of ports as trusted or Untrusted ports cannot process DHCP replies Configure DHCP snooping on uplinks to a DHCP server Do not configure DHCP snooping on client ports. Configuring DHCP Snooping
Note :- This Tutorial is for Education Purpose only.
Post a Comment