10 security measures against 10 attacks in a LAN network – Part I

DHCP rogue client

in this attacks addressable DHCP space is exhausted by rogue DHCP clients preventing legitimate clients from having an IP address and access to network services. It’s an example of DoS attack.

IP clients need IP addresses to forward their packets. In addition, they need locally the corresponding destination MAC address to forward frame at layer 2 and reach remote destination. ARP is a layer 2 protocol aimed at IP Address Resolution to MAC for switching purposes in Ethernet LAN network. Some attacks could target this service:

ARP poisoning

The objective here is to correspond an IP address to a fake MAC address hinting the sending part to send traffic to a wrong gateway or destination. Gratuitous ARP mechanism is commonly used for this purpose.

Leave a Reply