Parsing DHCP Server Logs
Dynamic Host Configuration Protocol (DHCP) is a service provided by a server in which an IP address is dynamically assigned upon request by a host machine. Microsoft server products (such as Windows Server 2008) provide DHCP service if enabled and configured. When a DHCP server is providing the service and listening for requests on the network, a requesting host requests an IP address. The DHCP server then assigns the IP address and other network settings required to connect to a local area network to the requesting host, provided the host meets any established rules that may be configured.
Figure 11-5 shows a Windows 7 host that is configured to obtain an IP v4 address automatically. What this really means is that it ...
Get Mastering Windows Network Forensics and Investigation, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
