Rouge DHCP Server - Hsanokklis/2022-2023-Tech-journal GitHub Wiki
A Rogue DHCP server is a server that does not have the authorization to give out IP addresses on your network. It can often go undetected until it starts to cause problems on the network. The most common issues are: performance issues, inability to reach needed resources, and connectivity problems. If the RogueDHCP is malicious, then it could cause more destructive problems. Information on the network could be compromised and given to attackers. More often then not, a Rogue DHCP is the result of a misconfiguration, and is not always malicious, but it is still not something you want to have on your network. If there are 2 DHCP servers on your network, (one rogue and one authorized) then they will both start to give out IP addresses at the same time. When a DHCP request comes in from a new device, it will be sent to both servers, and then it just becomes a race of which server can send an IP address back to the device faster. If the Rogue DHCP wins the race, then the new device will not be able to communicate with other devices on the network.