1. DoS attack on DHCP server
DHCP is a protocol used to automatically configure devices. Usually, they are terminal devices such as computers, phones or printers that receive IP addresses, masks, default gateways, DNS, etc. thanks to DHCP.
The attack is called a “DHCP hunger attack” based on the fact that each DHCP server has a precisely defined number of IP addresses that can be allocated to devices. For example, the subnet might be 192.168.0.0/24, which represents a maximum range of 253 usable addresses for clients.
But when an attacker claims all available IP addresses by overwriting a large number of bogus MAC addresses, the server will not have any IP addresses to offer to new devices.
This attack even creates an opportunity for the attacker to capture traffic. After disabling the DHCP server, the attacker can switch to his own DHCP server. For example, a fake DNS server could be provided in the DHCP configuration to attack you.
2. Basic configuration of DHCP server on CISCO router?
ip dhcp excluded-address 192.168.0.1 ! ip dhcp pool LAN network 192.168.0.0 255.255.255.0 default-router 192.168.0.1 dns-server 8.8.8.8
After connecting the first station, I saw an IP address assigned.
R1-NETVEL#show ip dhcp binding
I also saw a small amount of DHCP requests coming to the router.
R1-NETVEL#show ip dhcp server statistics
And only one IP address is assigned
3. And only one IP address is assigned
I will use the Yersinia tool. You can also do this through the CLI, but in this case, I prefer the GUI. You can open it with the following command.
root@kali:~#yersinia -G
Or you can also launch the attack with a few mouse clicks through the graphical interface.
Start: Launch attack -> send DISCOVER packet
Stop: List attacks -> Cancel attack
After a while, the DHCP server will have more requests than it can handle. That is a DoS attack.
R1-NETVEL#show ip dhcp binding
R1-NETVEL#show ip dhcp server statistics
R1-NETVEL#show ip dhcp pool
