CAPEC-697

Standard Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Stable MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: Low Severity: High
DHCP Spoofing

Description

An adversary masquerades as a legitimate Dynamic Host Configuration Protocol (DHCP) server by spoofing DHCP traffic, with the goal of redirecting network traffic or denying service to DHCP.

Prerequisites

The adversary must have access to a machine within the target LAN which can send DHCP offers to the target.

Mitigations

Design: MAC-Forced Forwarding

Implementation: Port Security and DHCP snooping

Implementation: Network-based Intrusion Detection Systems

Skills Required

[Medium] The adversary must identify potential targets for DHCP Spoofing and craft network configurations to obtain the desired results.