Skip to content
/ ioc25-dhcp-spoofing Public

This case illustrates a classic but potent attack: rogue DHCP server injection. The attacker doesn’t need malware—just a faster offer, and your clients obey. Detection depends on vigilant monitoring: sudden DHCP surges, strange gateway settings, or DNS reroutes.

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Compcode1/ioc25-dhcp-spoofing

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ioc25_dhcp_spoofing.ipynb
ioc25_dhcp_spoofing.ipynb
 
 

Repository files navigation

This case illustrates a classic but potent attack: rogue DHCP server injection. The attacker doesn’t need malware—just a faster offer, and your clients obey. Detection depends on vigilant monitoring: sudden DHCP surges, strange gateway settings, or DNS reroutes. The attacker’s goal is control: rerouting traffic, harvesting credentials, or causing chaos. For defenders, the lesson is clear: secure DHCP infrastructure, enforce VLAN segmentation, monitor network anomalies, and educate users. One unauthorized DHCP offer can reset your network’s trust.

About

This case illustrates a classic but potent attack: rogue DHCP server injection. The attacker doesn’t need malware—just a faster offer, and your clients obey. Detection depends on vigilant monitoring: sudden DHCP surges, strange gateway settings, or DNS reroutes.

Topics

incident-response network-security dhcp-spoofing wireshark-analysis layer-2-attack

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages