Sie sind hier : Homepage →  Glossary→  Networking Basics→  DHCP spoofing

DHCP Spoofing

Dynamic Host Configuration Protocol (DHCP), described in RFC 1541, is an extension of the Bootstrap Protocol (BOOTP). DHCP allows hosts on a TCP/IP network to dynamically obtain basic configuration information.


When a DHCP client starts up, it broadcasts a DHCP discovery packet looking for DHCP servers. DHCP servers respond to this packet with a DHCP offer packet. The client then chooses a server to obtain TCP/IP configuration information (such as an IP address). The configuration information is allocated (leased) to the client for a short period of time (such as seconds or minutes). The client must periodically renew its lease in order to continue to use the configuration.


If a DHCP client needs to find a DHCP server over the WAN, the Pipeline initiates a connection to enable the client to reach the DHCP server.

SecurID and DHCP Spoofing

If a DHCP client needs to connect to a remote DHCP server through a Pipeline and uses a SecurID card, the client needs to be given a temporary address by the Pipeline in order to obtain authentication.


In this type of environment, the Ascend Password Protocol (APP) server must first authenticate a user before a call to the remote network can be made. APP authentication requires an IP address, but will accept a temporary (spoofed) address supplied by the Pipeline.


The Pipeline can be configured to temporarily act as a DHCP

Startseite -- © 2001/2021 - Copyright by Dipl.-Ing. Gert Redlich / Germany - D-65191 Wiesbaden - Telefon-Nummer - Impressum