A rogue DHCP server is a DHCP server on a network which is not under the administrative control of the network staff. It is a network device such as a modem or a router connected to the network by a user who may be either unaware of the consequences of their actions or may be knowingly using it for network attacks such as man in the middle. Some kind of computer viruses or malicious software have been found to set up a rogue DHCP, especially for those classified in the category.
As clients connect to the network, both the rogue and legal DHCP server will offer them IP addresses as well as default gateway, DNS servers, WINS servers, among others. If the information provided by the rogue DHCP differs from the real one, clients accepting IP addresses from it may experience network access problems, including speed issues as well as inability to reach other hosts because of incorrect IP network or gateway. In addition, if a rogue DHCP is set to provide as default gateway an IP address of a machine controlled by a misbehaving user, it can sniff all the traffic sent by the clients to other networks, violating network security policies as well as user privacy (see man in the middle). VMware or virtual machine software can also act as a rogue DHCP server inadvertently when being run on a client machine joined to a network. The VMware will act as a rogue DHCP server handing out random IP addresses to the clients around it on the network. The result can be that large portions of the network are then cut off from both the Internet and the rest of the domain without any access at all.
A rogueDHCP server is a DHCP server on a network which is not under the administrative control of the network staff. It is a network device such as a...
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP...
clients on a LAN. DHCP snooping can be configured on LAN switches to exclude rogueDHCP servers and remove malicious or malformed DHCP traffic. In addition...
access, resulting in a denial of service. The adversary can then set up a rogueDHCP server so that clients receive incorrect network settings and as a result...
malware that overrides a computer's TCP/IP configuration to point at a rogue DNS server under the control of an attacker, or through modifying the behaviour...
countermeasures include: Various approaches to detection of ARP spoofing, rogueDHCP servers and other "man-in-the-middle" tricks in the network by network...
to other computers within a LAN by mimicking a DHCP server, pointing other computers toward the rogue DNS servers. In its indictment against Rove, the...
security posture. When a network device (switch, router, wireless access point, DHCP server, etc.) is configured for NAC, it can force user or machine authentication...
themselves between the victim and the web server (e.g., by setting up a rogue wireless hotspot). This vulnerability also requires access to the victim's...
Benne de Weger (2008-12-08). "MD5 considered harmful today - Creating a rogue CA certificate". Technische Universiteit Eindhoven. Retrieved 2009-04-19...
address. Typical wireless access points provide IP addresses to clients via DHCP. Requiring clients to set their own addresses makes it more difficult for...
needed] In May 2002 the final release of Select 1 was shipped that included; DHCP client Multi-User support and logon Preview versions of new printer support...
NetMeeting 3.01 and MSN Explorer 6 DHCP client alternate configuration to support more than one network or in the case when a DHCP server is not available The...