Rogue DHCP server
Another effective attack that is possible once an attacker and victim share the same wireless network is the deployment of a rogue DHCP server to service clients. The attacker will attempt to get their targets to acquire an address from them rather than the legitimate DHCP server on the network. DHCP, or Dynamic Host Configuration Protocol, is a popular method to hand out IP addresses from a pool of addresses to clients that connect to the network. It eliminates the need to statically configure IP addresses on all clients where it is impractical, such as client segments where clients come on and go off the network frequently, or impossible, such as public hotspots or other guest wireless scenarios.
DHCP works in a broadcast, response fashion where a client connecting to a network sends a request for an IP address via DHCPDISCOVER
and DHCPREQUEST
and the DHCP server will respond with the addressing information via DHCPOFFER
and DHCPACK
(or acknowledgement). This process is...