Dark Deceptions in DHCP: Dismantling Network Defenses
Robert Dilworth
TL;DR
This paper analyzes vulnerabilities in DHCP protocols, classifies various attack types, assesses associated risks, and proposes controls to enhance network security and prevent exploits like TunnelVision and rogue server attacks.
Contribution
It provides a comprehensive taxonomy of DHCP vulnerabilities, risk assessment, and mitigation strategies, including the novel focus on TunnelVision exploit.
Findings
DHCP vulnerabilities can compromise network confidentiality and integrity.
Rogue DHCP servers and replay attacks pose significant security risks.
Proposed controls can mitigate DHCP-related threats effectively.
Abstract
This paper explores vulnerabilities in the Dynamic Host Configuration Protocol (DHCP) and their implications on the Confidentiality, Integrity, and Availability (CIA) Triad. Through an analysis of various attacks, including DHCP Starvation, Rogue DHCP Servers, Replay Attacks, and TunnelVision exploits, the paper provides a taxonomic classification of threats, assesses risks, and proposes appropriate controls. The discussion also highlights the dangers of VPN decloaking through DHCP exploits and underscores the importance of safeguarding network infrastructures. By bringing awareness to the TunnelVision exploit, this paper aims to mitigate risks associated with these prevalent vulnerabilities.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Malware Detection Techniques · Network Security and Intrusion Detection · Spam and Phishing Detection