CAPEC-697: DHCP Spoofing
Description
Extended Description
DHCP is broadcast to the entire Local Area Network (LAN) and does not have any form of authentication by default. Therefore, it is susceptible to spoofing.
An adversary with access to the target LAN can receive DHCP messages; obtaining the topology information required to potentially manipulate other hosts' network configurations.
To improve the likelihood of the DHCP request being serviced by the Rogue server, an adversary can first starve the DHCP pool.
Severity :
High
Possibility :
Low
Type :
Standard
Relationships with other CAPECs
This table shows the other attack patterns and high level categories that are related to this attack pattern.
Prerequisites
This table shows the other attack patterns and high level categories that are related to this attack pattern.
- The adversary must have access to a machine within the target LAN which can send DHCP offers to the target.
Skills required
This table shows the other attack patterns and high level categories that are related to this attack pattern.
- Medium The adversary must identify potential targets for DHCP Spoofing and craft network configurations to obtain the desired results.
Taxonomy mappings
Mappings to ATT&CK, OWASP and other frameworks.
Resources required
The adversary requires access to a machine within the target LAN on a network which does not secure its DHCP traffic through MAC-Forced Forwarding, port security, etc.
Related CWE
A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.
Visit http://capec.mitre.org/ for more details.