13 DHCP Snooping

This chapter covers

  • DHCP-based attacks such as DHCP poisoning
  • How DHCP Snooping protects against DHCP-based attacks
  • Configuring DHCP Snooping on Cisco IOS switches

DHCP is almost ubiquitous in modern networks, allowing for the automatic configuration of IP addresses, netmasks, default gateways, DNS servers, and other configuration information on hosts; we covered DHCP in chapter 4. However, DHCP contains vulnerabilities that can be exploited if sufficient care is not taken. We looked at one example in chapter 11: DHCP exhaustion, which is a type of DoS attack that prevents legitimate user devices from leasing IP addresses from a DHCP server.

In this chapter, we’ll cover DHCP Snooping, a security feature on Cisco switches that ...
