Snooping DHCP

Para Snooping IGMP, véase IGMP snooping.

In computer networks, DHCP snooping is a series of techniques applied to ensure the security of an existing DHCP infrastructure.

When DHCP servers are routing IP addresses to clients on the LAN, DHCP snooping can be configured in LAN changes by force to leave clients with IP / MAC addresses to access the network. Description

DHCP snooping is a series of 2 techniques that ensure the integrity of IP in a double-layered domain. Work with information from a DHCP server for:

With DHCP snooping, only a white list of IP addresses can access the network. The white list is configured in the port exchange, and the DHCP server directs the access control. Only IP addresses with specific MAC addresses on specific ports can access the IP network.

DHCP snooping can also prevent attackers from adding their own DHCP server to the network. An attacker controlled DHCP server (Rogue DHCP) could cause network failure or even control it.

DHCP snooping is an important component in defense against ARP spoofing. ARP security checks the IP Source Protocol Address.

wiki