Ask the Expert

Are rogue DHCP servers a serious network risk?

What risk does a rogue DHCP server pose to a network? Is it a security issue or a nuisance?

    Requires Free Membership to View

Rogue Dynamic Host Configuration Protocol (DHCP) servers are definitely a security issue. Networks use DHCP servers to provide systems with network configuration information. For example, a host might contact a DHCP server to obtain an IP address, default gateway and domain name system (DNS) server information.

Suppose an individual were able to introduce a malicious DHCP server into your environment. That server could then wreak all sorts of havoc on your network. In the best case, it could simply offer every client an identical IP address, resulting in a network outage when all hosts believe they were leased the same address. In the worst case, the rogue server could set the default gateway to be the IP address of an attacker's proxy server. In such a scenario, an attacker could intercept all traffic leaving the host.

For this reason, it's important to ensure that you don't have rogue DHCP servers on your network. Microsoft's DHCP Server Location Utility is a great tool that allows you to search your network for active DHCP servers. You can also provide it with a list of authorized DHCP servers and configure it to alert you immediately if a rogue server is detected. Due to the risks described above, you should take action to immediately disconnect any rogue servers on your network.

More information:

  • In this new Intrusion Defense School lesson, Tom Bowers explains how SIMs can increase your network visibility.
  • Learn other ways to detect a rogue DHCP server.
  • This was first published in April 2007

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: