This article explains DHCP server spoofing: how the attack works and how to configure the defense against it. The descriptions here are brief and meant to give you a first impression; later articles cover each topic separately.
DHCP Server Spoofing
The attacker sets up a rogue DHCP server on the vswitch and answers the DHCP requests that clients on the client network send, handing out IP addresses in place of the real DHCP server. In those replies the attacker can point the client's gateway at the attacker's own machine. The attacker then receives all of the client's data packets and relays them to the real gateway, so the client does not notice any difference.
Defense methods
Configure DHCP snooping to defend against DHCP server spoofing
To configure ip dhcp snooping:
1. Enable DHCP snooping globally (required)
ip dhcp snooping
2. Enable it on the VLANs
ip dhcp snooping vlan 11-200
3. Enable DHCP trust on the interface. This is an important command: by default, once DHCP snooping is enabled globally, all interfaces are untrusted and can only be connected to PCs. Configure trust on the interface connected to the access-layer switch. An untrusted interface can only send DHCP requests; other DHCP-related packets are discarded.
ip dhcp snooping trust
4. You can configure a DHCP packet rate limit on the interface connected to the PC.
ip dhcp snooping limit rate 100
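One way to check a switch configuration against the four steps above, as an added example that is not part of the original article. The sample configuration and interface names are constructed, and the script assumes access ports that sit in VLAN 1 when no `switchport access vlan` line is present.

```python
import re

SAMPLE_CONFIG = """\
ip dhcp snooping
ip dhcp snooping vlan 11-200
interface GigabitEthernet0/1
 ip dhcp snooping trust
interface GigabitEthernet0/2
 switchport access vlan 11
 ip dhcp snooping limit rate 100
interface GigabitEthernet0/3
"""  # constructed sample, not taken from a real device

def parse_vlans(spec):
    """Expand a VLAN list such as '11-200,300' into a set of VLAN IDs."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit(config):
    """Check a config against the four steps; return a list of findings."""
    enabled, snoop_vlans, ports, cur = False, set(), {}, {}
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"interface (\S+)", line):
            cur = ports.setdefault(m.group(1), {"trust": False, "rate": None, "vlan": 1})
        elif not raw.startswith(" "):  # global configuration level
            cur = {}  # sub-commands of non-interface blocks land in a discarded dict
            enabled = enabled or line == "ip dhcp snooping"
            if m := re.match(r"ip dhcp snooping vlan (\S+)", line):
                snoop_vlans |= parse_vlans(m.group(1))
        elif line == "ip dhcp snooping trust":
            cur["trust"] = True
        elif m := re.match(r"ip dhcp snooping limit rate (\d+)", line):
            cur["rate"] = int(m.group(1))
        elif m := re.match(r"switchport access vlan (\d+)", line):
            cur["vlan"] = int(m.group(1))
    findings = [] if enabled else ["DHCP snooping is not enabled globally"]
    untrusted = {n: p for n, p in ports.items() if not p["trust"]}
    if len(untrusted) == len(ports):
        findings.append("no trusted interface: DHCP server replies are dropped")
    for name, p in untrusted.items():
        if p["vlan"] not in snoop_vlans:
            findings.append(f"{name}: access VLAN {p['vlan']} is not snooped")
        if p["rate"] is None:
            findings.append(f"{name}: no DHCP rate limit on untrusted port")
    return findings
```

Calling `audit(SAMPLE_CONFIG)` flags only GigabitEthernet0/3, which sits in a VLAN outside the snooped range and has no rate limit.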