Threats to DHCP Servers

If attackers are able to compromise a DHCP server on the network, they might disrupt network services, preventing DHCP clients from connecting to network resources. By gaining control of a DHCP server, attackers can configure DHCP clients with fraudulent TCP/IP configuration information, including an invalid default gateway or Domain Name System (DNS) server configuration.

The following threats exist when you implement DHCP on your network:

  • Unauthorized DHCP servers can issue incorrect TCP/IP configuration information to DHCP clients.

  • DHCP servers can overwrite valid DNS resource records with incorrect information.

  • DHCP can create DNS resource records without ownership defined.

  • Unauthorized DHCP clients can obtain IP addresses ...

Get Microsoft® Windows® Security Resource Kit, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.