DHCP Attacks and Defense Strategies

Рет қаралды 18,430

2 жыл бұрын

Check Out the 1st Module from a Course for FREE
kwtrain.com/course-samples
***********************************
In this video, you'll see how an attacker might launch a DHCP attack against your network, and you'll learn how to defend yourself. For example, an attacker might flood your DHCP server with thousands of DHCP Discover messages, which can very quickly deplete your DHCP server's pool of IP addresses.
You'll see how an attacker might launch such an attack using a utility called Yersinia, and then you'll see how to configure Port Security to prevent such an attack.
However, that still doesn't prevent an attacker from adding a rogue DHCP server to the network and possibly handing out incorrect IP address information to clients. So, we'll then dive into the configuration of DHCP Snooping, which can block DHCP Offer messages from any untrusted DHCP server.
These topics are covered both on the Certified Ethical Hacker (CEHv11) exam blueprint, and they're also helpful in your Cisco CCNA and CCNP Enterprise studies.
Enjoy the training!
NOTE: This channel does not endorse or encourage malicious or illegal activity using hacking tools.
=====================================================
Don't miss a single one of Kevin's KZfaq videos. Subscribe here:
kzfaq.info
=====================================================
=====================================================
Kevin Wallace, CCIEx2 #7945 Emeritus (Collaboration and R&S)
Homepage: kwtrain.com
Twitter: kwallaceccie
Facebook: kwallaceccie
KZfaq: kzfaq.info
LinkedIn: linkedin.com/in/kwallaceccie
=====================================================
=====================================================
If you enjoyed this video, here is the video title and also the link for you to share:
DHCP Attacks and Defense Strategies
kzfaq.info/get/bejne/at-lh5h8t524gpc.html
=====================================================

Пікірлер: 24

@imrane9382 5 ай бұрын

Thanks for the interesting information. One thing to add is that the DHCP pool is not exhausted from DHCPDISCOVER messages, but from a complete DORA process that it is faked by Yersinia which means that for every DISCOVER, an OFFER will be sent from the router, then a REQUEST from Yersinia will be sent to finally recieve an ACK to create a binding in the DHCP server, which is the router in your example.

@darkreed3486 2 жыл бұрын

Great job. You are so fluent and professional with the terms. By far the best on KZfaq.

@soroushsarkari9977 2 жыл бұрын

Thank you Kevin. I really enjoy watching your videos and learning new stuff. Thanks a looooooooot

@numansmail 2 жыл бұрын

Thank you Kevin...another great recap as usual, looking forward to the DAI video

@gupttura2766 2 жыл бұрын

Great video...thank you Mr Wallace. One other thing I noticed was Switch actually can show you ip addresses attached to specific ports by using dhcp snooping. This is great.

@CyberVoidW 2 ай бұрын

Great video and demonstration. Thankyou!

@NeonNotch 2 жыл бұрын

Kevin, you’re invaluable. Thank you!

@tahersadeghi6773 Жыл бұрын

Thank you, Kevin, for another classic video.

@JapsSims 2 жыл бұрын

Thanks for another great learning video Kevin!

@fabrice9848 2 жыл бұрын

Thank you Kevin.

@matteo910 Жыл бұрын

Love your vid format

@faris928 2 жыл бұрын

Thanks for sharing

@cihangirakyol4170 3 ай бұрын

Great video and one question. Since a NON trusted port will never accept any DHCP offers, why SEND OUT the DHCP request out of that port in the first place ? All DHCP messages can be blocked from being transmitted OUT from NON trusted ports hence reducing the traffic, say after something like a power outage ? Thanks

@adir6375 2 жыл бұрын

Thank You !

@ericluchman3874 2 жыл бұрын

Very good video.

@grandfatherm5774 2 жыл бұрын

God bless you

@BeingCrazy-bv5im Жыл бұрын

What should we do about wireless devices and wireless access point? which assign ip to multiple devices.

@TheFancepants Жыл бұрын

DORA DORA DHCP EXPLORER 🤟 - I giggled so much at this and I will now DEF remember lol

@Wahinies 3 ай бұрын

Is there a hardening or IDS for DHCP Coerce?

@ramik911 2 жыл бұрын

What if the DHCP server is a virtual machine on ESXi and not connected directly to the switch, can we still use DHCP snooping? shall we configure it on the trunk port?