SlideShare uma empresa Scribd logo

How to prevent DHCP spoofing in network

KHNOG
KHNOG

This document discusses how to configure DHCP snooping on a network switch to prevent DHCP spoofing attacks. It provides an overview of DHCP snooping functionality, describes trusted and untrusted sources, and outlines the impacts of unauthorized DHCP servers. Configuration steps are presented to enable DHCP snooping globally, on specific VLANs, and to configure trusted ports connected to the legitimate DHCP server. Verification commands are also included to view the DHCP snooping binding table.

Tecnologia
1 de 14
Baixar para ler offline
Topic:  How  to  prevent  DHCP  Spoofing  In  Network ROEURM  Channa  (Mr.) channa.roeurm@gmail.com       28-­‐‑October  2015 “  Sharing  Is  The  Best  Of  Communication  &  SMARTER  TEAM  “  
Presenta(on  Objec(ve:      1/.  DHCP  Server  in  Network        2/.  Overview  of  DHCP  Snooping      3/.  Trusted  and  Untrusted  Sources      4/.  DHCP  ACacker  Impact  to  Network      6/.  DHCP  Snooping  Feature      7/.  DHCP  Snooping  ConfiguraJon      8/.  QuesJon  and  Answer  
DHCP  Server  in  Network   Trusted     DHCP   Server  
DHCP  Server  in  Network                                                  Un-­‐Trusted                                                                                                                DHCP  Sever    
Trusted  and  Untrusted  Sources     Trusted  Host:  devices  under  your  administraJve  control  are  trusted  sources   include  the  switches,  routers,  and  servers  in  your  network.     Untrusted  Host:  A  DHCP  server  that  is  on  your  network  without  your   knowledge  on  an  untrusted  port  is  called  a  spurious  load  DHCP  server       Spurious  DHCP  Server  !    Lolz     What  do  they  look  like  ?  
Spurious  DHCP  Server   Untrusted  DHCP  Server  Can  Be:   1-­‐Wireless  Router  Reset  to  Default         2-­‐Extended  USB  Wireless  Router  or  TVBox         3-­‐Desktop  systems  &  laptop  systems  that  are  loaded  with  DHCP  server          -­‐  Staffs  or  Students  TesJng  Lab  DHCP  Server          -­‐  PC  which  enable  or  load  DHCP  Server  services     4-­‐FAKE/Untrusted  Hosts          -­‐  DHCP  ACacker  Host          -­‐  Connect  DHCP  Server  to  Network  (  By  Accident  )  
Impact  to  Network   Disadvantages  and  Impact  to  Network:   1/.  Network  Unstable  (  Hotel/School  )          -­‐  Which  port  …..?          -­‐  Which  Floor…..  ?          -­‐  Which  locaJon…..  ?     2/.  Difficult  for  troubleshooJng  (  Service  Provider-­‐ISP/Mobile  Operator)          -­‐  PPPoE  client  get  wrong  IP  address          -­‐  Mobile  get  wrong  address  for  communicate          -­‐  Need  deeply  invesJgaJon.          -­‐  Network  Engineer  is  full  of  STRESS        
How  to  Prevent  Untrusted  DHCP  Server  ?                  Police  ?        Hardware  Firewall  ?                   “  The  Network  Engineer  has  to  know  and  fix  tomorrow  problem  “                        Otherwise;  IT  man  will  be  “  You  are  shit  !  “        
DHCP  Snooping  Feature   Enable  DHCP  Snooping  to:       •  Block  DHCP  Offer  on  Untrusted  port     •  Filters  out  invalid  messages     •  Rate-­‐limits  traffic  trusted  &  untrusted     •  Maintains  DHCP  snooping  binding  database     •  By  default,  it  is  inacJve  on  all  VLANs.  
No(fica(on  of  DHCP  Snooping     Ø  DHCP  snooping  allow  the  configuraJon  of  ports  as  trusted  or  untrusted.     Ø  Untrusted  ports  cannot  process  DHCP  replies.   Ø  Configure  DHCP  Snooping  on  uplinks  port  to  DHCP  Server.   Ø  Don't  configure  DHCP  snooping  on  client  ports                          
Configure  DHCP  Snooping  
Configure  DHCP  Snooping   Enables  DHCP  snooping  globally:    Cisco-­‐SW-­‐01#  configure  terminal    Cisco-­‐SW-­‐01(Config)#  ip  dhcp  snooping     Enables  DHCP  snooping  on  VLAN:    Cisco-­‐SW-­‐01#configure  terminal    Cisco-­‐SW-­‐01(Config)#  ip  dhcp  snooping  vlan  10,15-­‐17     Enabling  the  Database  Agent   Cisco-­‐SW-­‐01#configure  terminal   Cisco-­‐SW-­‐01(Config)#  ip  dhcp  snooping  database  flash:/snooping.db      
Configure  DHCP  Snooping   Configure  Gigabit  Ethernet  port  0/1  as  trusted:    Cisco-­‐SW-­‐01#  configure  terminal    Cisco-­‐SW-­‐01(config)#  interface  gigabitethernet  0/1    Cisco-­‐SW-­‐01(config-­‐if)#  ip  dhcp  snooping  trust    Cisco-­‐SW-­‐01(config-­‐if)#  do  show  ip  dhcp  snooping     Note:  Gigabit  Ethernet  0/1  is  link  connected  to  Trust  DHCP  SRV.     Cisco-­‐SW-­‐01#  show  ip  dhcp  snooping  binding   MacAddress                IpAddress        Lease(sec)    Type    VLAN    Interface   -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐   00:02:B3:3F:3B:99    5.5.5.5              6943        dhcp-­‐snooping            10            GigabitEthernet0/1  
Q  and  A       Thank  You  for  Your  AUen(on  !      

Recomendados

DHCP Snooping
DHCP SnoopingDHCP Snooping
DHCP SnoopingNetProtocol Xpert
 
MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - English MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - EnglishAdhie Lesmana
 
Mikrotik Tutorial
Mikrotik TutorialMikrotik Tutorial
Mikrotik TutorialMd Sohrab Hossain Sourav
 
Dhcp presentation
Dhcp presentationDhcp presentation
Dhcp presentationSaqib Malik
 
mis en place dun vpn site à site
mis en place dun vpn site à site mis en place dun vpn site à site
mis en place dun vpn site à site Manuel Cédric EBODE MBALLA
 
L2 tp
L2 tpL2 tp
L2 tpRamya Chowdary
 
Transition ipv4-ipv6
Transition ipv4-ipv6Transition ipv4-ipv6
Transition ipv4-ipv6Arrow Djibio
 
VPN, Its Types,VPN Protocols,Configuration and Benefits
VPN, Its Types,VPN Protocols,Configuration and BenefitsVPN, Its Types,VPN Protocols,Configuration and Benefits
VPN, Its Types,VPN Protocols,Configuration and Benefitsqaisar17
 

Recomendados

DHCP Snooping
DHCP SnoopingDHCP Snooping
DHCP SnoopingNetProtocol Xpert
 
MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - English MikroTik Basic Training Class - Online Moduls - English
MikroTik Basic Training Class - Online Moduls - EnglishAdhie Lesmana
 
Mikrotik Tutorial
Mikrotik TutorialMikrotik Tutorial
Mikrotik TutorialMd Sohrab Hossain Sourav
 
Dhcp presentation
Dhcp presentationDhcp presentation
Dhcp presentationSaqib Malik
 
mis en place dun vpn site à site
mis en place dun vpn site à site mis en place dun vpn site à site
mis en place dun vpn site à site Manuel Cédric EBODE MBALLA
 
L2 tp
L2 tpL2 tp
L2 tpRamya Chowdary
 
Transition ipv4-ipv6
Transition ipv4-ipv6Transition ipv4-ipv6
Transition ipv4-ipv6Arrow Djibio
 
VPN, Its Types,VPN Protocols,Configuration and Benefits
VPN, Its Types,VPN Protocols,Configuration and BenefitsVPN, Its Types,VPN Protocols,Configuration and Benefits
VPN, Its Types,VPN Protocols,Configuration and Benefitsqaisar17
 
Dhcp presentation 01
Dhcp presentation 01Dhcp presentation 01
Dhcp presentation 01maverick4489
 
MikroTik & RouterOS
MikroTik & RouterOSMikroTik & RouterOS
MikroTik & RouterOSFaelix Ltd
 
2+ipt+configuring cisco-cme
2+ipt+configuring cisco-cme2+ipt+configuring cisco-cme
2+ipt+configuring cisco-cmeYves Jean Louis
 
Chapter 10 - DHCP
Chapter 10 - DHCPChapter 10 - DHCP
Chapter 10 - DHCPYaser Rahmati
 
Nat (network address translation) qué es y cómo funciona
Nat (network address translation) qué es y cómo funcionaNat (network address translation) qué es y cómo funciona
Nat (network address translation) qué es y cómo funcionaqueches
 
Providing Local DNS with pfSense - pfSense Hangout August 2016
Providing Local DNS with pfSense - pfSense Hangout August 2016Providing Local DNS with pfSense - pfSense Hangout August 2016
Providing Local DNS with pfSense - pfSense Hangout August 2016Netgate
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configurationTola LENG
 
Vpn
VpnVpn
Vpnkwabo
 
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaIpv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaWardner Maia
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentationKuldeep Padhiyar
 
Dhcp
DhcpDhcp
DhcpTapan Khilar
 
Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2samis
 
Aircrack
AircrackAircrack
AircrackMuhammadHanzalah6
 
Secured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRRSecured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRRBangladesh Network Operators Group
 
Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Sophan Nhean
 
DMVPN
DMVPNDMVPN
DMVPNNetProtocol Xpert
 
Lab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingLab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingMuhd Mu'izuddin
 
Dhcp ppt
Dhcp pptDhcp ppt
Dhcp pptHema Dhariwal
 
Proxy
ProxyProxy
ProxyTriad Square InfoSec
 
Dhcp
DhcpDhcp
DhcpChinmoy Jena
 
162 15-768
162 15-768162 15-768
162 15-768faisal123000
 
Dhcp Snooping
Dhcp SnoopingDhcp Snooping
Dhcp SnoopingPrateek Baharani
 

Mais conteúdo relacionado

Mais procurados

Dhcp presentation 01
Dhcp presentation 01Dhcp presentation 01
Dhcp presentation 01maverick4489
 
MikroTik & RouterOS
MikroTik & RouterOSMikroTik & RouterOS
MikroTik & RouterOSFaelix Ltd
 
2+ipt+configuring cisco-cme
2+ipt+configuring cisco-cme2+ipt+configuring cisco-cme
2+ipt+configuring cisco-cmeYves Jean Louis
 
Nat (network address translation) qué es y cómo funciona
Nat (network address translation) qué es y cómo funcionaNat (network address translation) qué es y cómo funciona
Nat (network address translation) qué es y cómo funcionaqueches
 
Providing Local DNS with pfSense - pfSense Hangout August 2016
Providing Local DNS with pfSense - pfSense Hangout August 2016Providing Local DNS with pfSense - pfSense Hangout August 2016
Providing Local DNS with pfSense - pfSense Hangout August 2016Netgate
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configurationTola LENG
 
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaIpv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaWardner Maia
 
Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2samis
 
Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Sophan Nhean
 
Lab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingLab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingMuhd Mu'izuddin
 

Mais procurados (20)

Dhcp presentation 01
Dhcp presentation 01Dhcp presentation 01
Dhcp presentation 01
 
MikroTik & RouterOS
MikroTik & RouterOSMikroTik & RouterOS
MikroTik & RouterOS
 
2+ipt+configuring cisco-cme
2+ipt+configuring cisco-cme2+ipt+configuring cisco-cme
2+ipt+configuring cisco-cme
 
Chapter 10 - DHCP
Chapter 10 - DHCPChapter 10 - DHCP
Chapter 10 - DHCP
 
Nat (network address translation) qué es y cómo funciona
Nat (network address translation) qué es y cómo funcionaNat (network address translation) qué es y cómo funciona
Nat (network address translation) qué es y cómo funciona
 
Providing Local DNS with pfSense - pfSense Hangout August 2016
Providing Local DNS with pfSense - pfSense Hangout August 2016Providing Local DNS with pfSense - pfSense Hangout August 2016
Providing Local DNS with pfSense - pfSense Hangout August 2016
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configuration
 
Vpn
VpnVpn
Vpn
 
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner MaiaIpv6 Security with Mikrotik RouterOS by Wardner Maia
Ipv6 Security with Mikrotik RouterOS by Wardner Maia
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentation
 
Dhcp
DhcpDhcp
Dhcp
 
Network Security - Layer 2
Network Security - Layer 2Network Security - Layer 2
Network Security - Layer 2
 
Aircrack
AircrackAircrack
Aircrack
 
Secured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRRSecured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRR
 
Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3Dhcp & dhcp relay agent in cent os 5.3
Dhcp & dhcp relay agent in cent os 5.3
 
DMVPN
DMVPNDMVPN
DMVPN
 
Lab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routingLab 6.4.1 InterVLAN routing
Lab 6.4.1 InterVLAN routing
 
Dhcp ppt
Dhcp pptDhcp ppt
Dhcp ppt
 
Proxy
ProxyProxy
Proxy
 
Dhcp
DhcpDhcp
Dhcp
 

Semelhante a How to prevent DHCP spoofing in network

Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...idsecconf
 
DHCP,ARP in networks
DHCP,ARP in networksDHCP,ARP in networks
DHCP,ARP in networksssuser15869a
 
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)NetProtocol Xpert
 
Protect Your DHCP Infrastructure from Cyber Attacks - Cybersecurity Training ...
Protect Your DHCP Infrastructure from Cyber Attacks - Cybersecurity Training ...Protect Your DHCP Infrastructure from Cyber Attacks - Cybersecurity Training ...
Protect Your DHCP Infrastructure from Cyber Attacks - Cybersecurity Training ...Jiunn-Jer Sun
 
Introduction to Networking Commands & Software
Introduction to Networking Commands & SoftwareIntroduction to Networking Commands & Software
Introduction to Networking Commands & SoftwareMuhammadRizaHilmi
 
IT Essentials (Version 7.0) - ITE Chapter 6 Exam Answers
IT Essentials (Version 7.0) - ITE Chapter 6 Exam AnswersIT Essentials (Version 7.0) - ITE Chapter 6 Exam Answers
IT Essentials (Version 7.0) - ITE Chapter 6 Exam AnswersITExamAnswers.net
 
IPVS for Docker Containers
IPVS for Docker ContainersIPVS for Docker Containers
IPVS for Docker ContainersBob Sokol
 
[En] IPVS for Docker Containers
[En] IPVS for Docker Containers[En] IPVS for Docker Containers
[En] IPVS for Docker ContainersAndrey Sibirev
 
Module (8) DHCP Server.pptx
Module (8) DHCP Server.pptxModule (8) DHCP Server.pptx
Module (8) DHCP Server.pptxGeorgeThoreJr
 
Investigation of dhcp packets using wireshark
Investigation of dhcp packets using wiresharkInvestigation of dhcp packets using wireshark
Investigation of dhcp packets using wiresharkjpratt59
 
Dynamic Host Configuration Protocol ( DHCP).pptx
Dynamic Host Configuration Protocol ( DHCP).pptxDynamic Host Configuration Protocol ( DHCP).pptx
Dynamic Host Configuration Protocol ( DHCP).pptxSYEDASGARAHMED1
 
DoS and DDoS mitigations with eBPF, XDP and DPDK
DoS and DDoS mitigations with eBPF, XDP and DPDKDoS and DDoS mitigations with eBPF, XDP and DPDK
DoS and DDoS mitigations with eBPF, XDP and DPDKMarian Marinov
 
Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminskyDan Kaminsky
 
6 understanding DHCP
6 understanding DHCP6 understanding DHCP
6 understanding DHCPHameda Hurmat
 

Semelhante a How to prevent DHCP spoofing in network (20)

162 15-768
162 15-768162 15-768
162 15-768
 
Dhcp Snooping
Dhcp SnoopingDhcp Snooping
Dhcp Snooping
 
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 
DHCP,ARP in networks
DHCP,ARP in networksDHCP,ARP in networks
DHCP,ARP in networks
 
Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)Dynamic ARP Inspection (DAI)
Dynamic ARP Inspection (DAI)
 
Protect Your DHCP Infrastructure from Cyber Attacks - Cybersecurity Training ...
Protect Your DHCP Infrastructure from Cyber Attacks - Cybersecurity Training ...Protect Your DHCP Infrastructure from Cyber Attacks - Cybersecurity Training ...
Protect Your DHCP Infrastructure from Cyber Attacks - Cybersecurity Training ...
 
Security policy
Security policySecurity policy
Security policy
 
Introduction to Networking Commands & Software
Introduction to Networking Commands & SoftwareIntroduction to Networking Commands & Software
Introduction to Networking Commands & Software
 
IT Essentials (Version 7.0) - ITE Chapter 6 Exam Answers
IT Essentials (Version 7.0) - ITE Chapter 6 Exam AnswersIT Essentials (Version 7.0) - ITE Chapter 6 Exam Answers
IT Essentials (Version 7.0) - ITE Chapter 6 Exam Answers
 
IPVS for Docker Containers
IPVS for Docker ContainersIPVS for Docker Containers
IPVS for Docker Containers
 
[En] IPVS for Docker Containers
[En] IPVS for Docker Containers[En] IPVS for Docker Containers
[En] IPVS for Docker Containers
 
Module (8) DHCP Server.pptx
Module (8) DHCP Server.pptxModule (8) DHCP Server.pptx
Module (8) DHCP Server.pptx
 
Investigation of dhcp packets using wireshark
Investigation of dhcp packets using wiresharkInvestigation of dhcp packets using wireshark
Investigation of dhcp packets using wireshark
 
Dynamic Host Configuration Protocol ( DHCP).pptx
Dynamic Host Configuration Protocol ( DHCP).pptxDynamic Host Configuration Protocol ( DHCP).pptx
Dynamic Host Configuration Protocol ( DHCP).pptx
 
DoS and DDoS mitigations with eBPF, XDP and DPDK
DoS and DDoS mitigations with eBPF, XDP and DPDKDoS and DDoS mitigations with eBPF, XDP and DPDK
DoS and DDoS mitigations with eBPF, XDP and DPDK
 
Bh fed-03-kaminsky
Bh fed-03-kaminskyBh fed-03-kaminsky
Bh fed-03-kaminsky
 
DHCP.pptx
DHCP.pptxDHCP.pptx
DHCP.pptx
 
6 understanding DHCP
6 understanding DHCP6 understanding DHCP
6 understanding DHCP
 
DHCP
DHCPDHCP
DHCP
 

Mais de KHNOG

SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)KHNOG
 
Network Attack Counter
Network Attack CounterNetwork Attack Counter
Network Attack CounterKHNOG
 
Wireless Network Pentestration
Wireless Network PentestrationWireless Network Pentestration
Wireless Network PentestrationKHNOG
 
Core Concept of TCP/IP
Core Concept of TCP/IPCore Concept of TCP/IP
Core Concept of TCP/IPKHNOG
 
Bonding Interface in MikroTik
Bonding Interface in MikroTikBonding Interface in MikroTik
Bonding Interface in MikroTikKHNOG
 
Network Exploitation
Network ExploitationNetwork Exploitation
Network ExploitationKHNOG
 
Network Security-Honeypot
Network Security-HoneypotNetwork Security-Honeypot
Network Security-HoneypotKHNOG
 
Bandwidth Management on Linux
Bandwidth Management on LinuxBandwidth Management on Linux
Bandwidth Management on LinuxKHNOG
 
Why / How to become the Linux certified
Why / How to become the Linux certifiedWhy / How to become the Linux certified
Why / How to become the Linux certifiedKHNOG
 
Terminal Access Controller
Terminal Access ControllerTerminal Access Controller
Terminal Access ControllerKHNOG
 
Cambodia International Backbone Network
Cambodia International Backbone NetworkCambodia International Backbone Network
Cambodia International Backbone NetworkKHNOG
 
Introduction to BRAS
Introduction to BRASIntroduction to BRAS
Introduction to BRASKHNOG
 
ElasticISP
ElasticISPElasticISP
ElasticISPKHNOG
 
Hotspot on Mikrotik Router
Hotspot on Mikrotik RouterHotspot on Mikrotik Router
Hotspot on Mikrotik RouterKHNOG
 
Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)KHNOG
 
Policy Based Routing (PBR)
Policy Based Routing (PBR)Policy Based Routing (PBR)
Policy Based Routing (PBR)KHNOG
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) KHNOG
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)KHNOG
 
IT Service Level Agreement
IT Service Level AgreementIT Service Level Agreement
IT Service Level AgreementKHNOG
 
Routing Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikRouting Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikKHNOG
 

Mais de KHNOG (20)

SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)SIP (Session Initiation Protocol)
SIP (Session Initiation Protocol)
 
Network Attack Counter
Network Attack CounterNetwork Attack Counter
Network Attack Counter
 
Wireless Network Pentestration
Wireless Network PentestrationWireless Network Pentestration
Wireless Network Pentestration
 
Core Concept of TCP/IP
Core Concept of TCP/IPCore Concept of TCP/IP
Core Concept of TCP/IP
 
Bonding Interface in MikroTik
Bonding Interface in MikroTikBonding Interface in MikroTik
Bonding Interface in MikroTik
 
Network Exploitation
Network ExploitationNetwork Exploitation
Network Exploitation
 
Network Security-Honeypot
Network Security-HoneypotNetwork Security-Honeypot
Network Security-Honeypot
 
Bandwidth Management on Linux
Bandwidth Management on LinuxBandwidth Management on Linux
Bandwidth Management on Linux
 
Why / How to become the Linux certified
Why / How to become the Linux certifiedWhy / How to become the Linux certified
Why / How to become the Linux certified
 
Terminal Access Controller
Terminal Access ControllerTerminal Access Controller
Terminal Access Controller
 
Cambodia International Backbone Network
Cambodia International Backbone NetworkCambodia International Backbone Network
Cambodia International Backbone Network
 
Introduction to BRAS
Introduction to BRASIntroduction to BRAS
Introduction to BRAS
 
ElasticISP
ElasticISPElasticISP
ElasticISP
 
Hotspot on Mikrotik Router
Hotspot on Mikrotik RouterHotspot on Mikrotik Router
Hotspot on Mikrotik Router
 
Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)Virtual Extensible LAN (VXLAN)
Virtual Extensible LAN (VXLAN)
 
Policy Based Routing (PBR)
Policy Based Routing (PBR)Policy Based Routing (PBR)
Policy Based Routing (PBR)
 
Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD) Bidirectional Forwarding Detection (BFD)
Bidirectional Forwarding Detection (BFD)
 
Network Mapper (NMAP)
Network Mapper (NMAP)Network Mapper (NMAP)
Network Mapper (NMAP)
 
IT Service Level Agreement
IT Service Level AgreementIT Service Level Agreement
IT Service Level Agreement
 
Routing Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. MikrotikRouting Implementation - Cisco vs. Mikrotik
Routing Implementation - Cisco vs. Mikrotik
 

Último

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 

Último (20)

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 

How to prevent DHCP spoofing in network

  • 1. Topic:  How  to  prevent  DHCP  Spoofing  In  Network ROEURM  Channa  (Mr.) channa.roeurm@gmail.com       28-­‐‑October  2015 “  Sharing  Is  The  Best  Of  Communication  &  SMARTER  TEAM  “  
  • 2. Presenta(on  Objec(ve:      1/.  DHCP  Server  in  Network        2/.  Overview  of  DHCP  Snooping      3/.  Trusted  and  Untrusted  Sources      4/.  DHCP  ACacker  Impact  to  Network      6/.  DHCP  Snooping  Feature      7/.  DHCP  Snooping  ConfiguraJon      8/.  QuesJon  and  Answer  
  • 3. DHCP  Server  in  Network   Trusted     DHCP   Server  
  • 4. DHCP  Server  in  Network                                                  Un-­‐Trusted                                                                                                                DHCP  Sever    
  • 5. Trusted  and  Untrusted  Sources     Trusted  Host:  devices  under  your  administraJve  control  are  trusted  sources   include  the  switches,  routers,  and  servers  in  your  network.     Untrusted  Host:  A  DHCP  server  that  is  on  your  network  without  your   knowledge  on  an  untrusted  port  is  called  a  spurious  load  DHCP  server       Spurious  DHCP  Server  !    Lolz     What  do  they  look  like  ?  
  • 6. Spurious  DHCP  Server   Untrusted  DHCP  Server  Can  Be:   1-­‐Wireless  Router  Reset  to  Default         2-­‐Extended  USB  Wireless  Router  or  TVBox         3-­‐Desktop  systems  &  laptop  systems  that  are  loaded  with  DHCP  server          -­‐  Staffs  or  Students  TesJng  Lab  DHCP  Server          -­‐  PC  which  enable  or  load  DHCP  Server  services     4-­‐FAKE/Untrusted  Hosts          -­‐  DHCP  ACacker  Host          -­‐  Connect  DHCP  Server  to  Network  (  By  Accident  )  
  • 7. Impact  to  Network   Disadvantages  and  Impact  to  Network:   1/.  Network  Unstable  (  Hotel/School  )          -­‐  Which  port  …..?          -­‐  Which  Floor…..  ?          -­‐  Which  locaJon…..  ?     2/.  Difficult  for  troubleshooJng  (  Service  Provider-­‐ISP/Mobile  Operator)          -­‐  PPPoE  client  get  wrong  IP  address          -­‐  Mobile  get  wrong  address  for  communicate          -­‐  Need  deeply  invesJgaJon.          -­‐  Network  Engineer  is  full  of  STRESS        
  • 8. How  to  Prevent  Untrusted  DHCP  Server  ?                  Police  ?        Hardware  Firewall  ?                   “  The  Network  Engineer  has  to  know  and  fix  tomorrow  problem  “                        Otherwise;  IT  man  will  be  “  You  are  shit  !  “        
  • 9. DHCP  Snooping  Feature   Enable  DHCP  Snooping  to:       •  Block  DHCP  Offer  on  Untrusted  port     •  Filters  out  invalid  messages     •  Rate-­‐limits  traffic  trusted  &  untrusted     •  Maintains  DHCP  snooping  binding  database     •  By  default,  it  is  inacJve  on  all  VLANs.  
  • 10. No(fica(on  of  DHCP  Snooping     Ø  DHCP  snooping  allow  the  configuraJon  of  ports  as  trusted  or  untrusted.     Ø  Untrusted  ports  cannot  process  DHCP  replies.   Ø  Configure  DHCP  Snooping  on  uplinks  port  to  DHCP  Server.   Ø  Don't  configure  DHCP  snooping  on  client  ports                          
  • 12. Configure  DHCP  Snooping   Enables  DHCP  snooping  globally:    Cisco-­‐SW-­‐01#  configure  terminal    Cisco-­‐SW-­‐01(Config)#  ip  dhcp  snooping     Enables  DHCP  snooping  on  VLAN:    Cisco-­‐SW-­‐01#configure  terminal    Cisco-­‐SW-­‐01(Config)#  ip  dhcp  snooping  vlan  10,15-­‐17     Enabling  the  Database  Agent   Cisco-­‐SW-­‐01#configure  terminal   Cisco-­‐SW-­‐01(Config)#  ip  dhcp  snooping  database  flash:/snooping.db      
  • 13. Configure  DHCP  Snooping   Configure  Gigabit  Ethernet  port  0/1  as  trusted:    Cisco-­‐SW-­‐01#  configure  terminal    Cisco-­‐SW-­‐01(config)#  interface  gigabitethernet  0/1    Cisco-­‐SW-­‐01(config-­‐if)#  ip  dhcp  snooping  trust    Cisco-­‐SW-­‐01(config-­‐if)#  do  show  ip  dhcp  snooping     Note:  Gigabit  Ethernet  0/1  is  link  connected  to  Trust  DHCP  SRV.     Cisco-­‐SW-­‐01#  show  ip  dhcp  snooping  binding   MacAddress                IpAddress        Lease(sec)    Type    VLAN    Interface   -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐  -­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐-­‐   00:02:B3:3F:3B:99    5.5.5.5              6943        dhcp-­‐snooping            10            GigabitEthernet0/1  
  • 14. Q  and  A       Thank  You  for  Your  AUen(on  !