GuidesBack To Basics: Windows 2000 Rogue DHCP Server Detection?

Back To Basics: Windows 2000 Rogue DHCP Server Detection?




Thomas Shinder

The Dynamic Host Configuration Protocol is one of the
unsung hero’s of the network administrator. Without the help of DHCP and DHCP
Servers, we would be thrust into a life of constant battle against entropy of
our IP addressing scheme. We would live the listless life of an inventory
specialist, continuously having to record and record IP addresses for the
machines on our network.

The Dynamic Host Configuration Protocol is one of the unsung heros of the network administrator. Without the help of DHCP and DHCP Servers, we would be thrust into a life of constant battle against entropy of our IP addressing scheme. We would live the listless life of an inventory specialist, continuously having to record and record IP addresses for the machines on our network.

However, the DHCP Server now does all the work for us. All
we have to do is install the Windows 2000 DHCP Server, configure scopes and DHCP
Options, and away we go. No muss, no fuss, and almost all the time,
things work very nicely. The only chink is the armor is the broadcast nature of
DHCP Client/Server communications. And although this provides one of its
greatest strengths, it also creates one of its greatest weaknesses.

The Mysterious Network Glitch

As an experienced network administrator, you probably have
had the experience of having someone “try out” a new DHCP Server on
your production network. You probably also had to spend many long hours trying
to figure out what the problem was after the “surprise” DHCP Server
was brought online.

The core of the problem is that DHCP messages are
broadcast messages, and any DHCP Server that hears the broadcast can respond to
the DHCPDISCOVER message from a DHCP Client. Since any and all DHCP Servers
within broadcast range of the DHCP client can respond to DHCP requests, if an
unauthorized DCHP Server answers the request, there’s a good chance that the
information the DCHP Client receives from it will not be valid.

Latest Posts

Related Stories