O'Reilly logo

Implementing Cisco Networking Solutions by Harpreet Singh

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

DHCP snooping

Organizations use DHCP servers to assign IP addresses to end hosts. The hosts connect to untrusted ports on the access layer. Attackers can use DHCP to attack hosts by running a local DHCP server that is connected on a host connected to an access port. If no safeguards are applied, all hosts on the LAN would get IP addresses from the rogue DHCP server, including the gateway address and other information such as the DNS servers and so on, and the attacker can misguide the hosts on the network to sending packets via routers and DNS servers that can cause additional damage, such as data spoofing, and so on.

The DHCP snooping feature provides a mechanism to differentiate an untrusted switch port connected to an end user from a trusted ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required