Vol 2 Part 2.5: DHCP Flashcards

1
Q

Dynamic Host Configuration Protocol (DHCP) assigns host network settings based on configuration at the what?

A

DHCP Server

2
Q

What are the 3 main functions of DHCP?

A
  1. Reduces the workload of manual IP configuration (and the mistakes that come with it)
  2. Assigns IP addresses and related settings such as DNS server addresses
  3. Recovers IP addresses that are no longer in use when their leases expire
3
Q

What are the two primary critical IP addresses when using DHCP, and why are they critical?

A
  1. 0.0.0.0- The source IP used by a host that does not yet have an IP address
  2. 255.255.255.255- The local broadcast IP used to reach a DHCP server on the local subnet without knowing its address

4
Q

What are the four critical messages sent between the client and server when using DHCP?

A

DORA

  1. Discover- sent by DHCP client to find a willing DHCP server
  2. Offer- sent by the DHCP server, offering a lease of an IP and other parameters
  3. Request- sent by the DHCP client, asking the server to lease the IPv4 address listed in the offer
  4. Acknowledge- sent by the DHCP server, assigns the address and lists the mask, default router, and DNS IP addresses
5
Q

Routers do not forward broadcasts. A host whose subnet has no DHCP server sends its Discover to 255.255.255.255, and because the server sits on another subnet, it gets no response. Another method is therefore needed for a device on one subnet to reach a DHCP server on a different subnet. What is this method called?

A

DHCP relay. The router acts as a middleman: it receives the client's broadcast and forwards it as a unicast to the DHCP server, then passes the server's reply back to the client subnet.

6
Q

What command is used to set up the DHCP relay?

A

ip helper-address <server-ip> (an interface subcommand)

7
Q

What 4 items does a host need in order to work with DHCP correctly?

A
  1. The DNS Server IP for name resolution
  2. The default gateway IP
  3. The device’s own IP
  4. The device’s own subnet mask
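
The DORA exchange from cards 3, 4 and 7, built and parsed on the wire as an added example (this is not code from the flashcards or from any DHCP implementation). It serializes the RFC 2131 fixed header plus the magic cookie and option TLVs, runs the four messages in memory against a simulated server, and pulls the four host settings out of the Acknowledge. The client MAC, transaction ID, the 192.0.2.0/24 addresses and the lease values are constructed sample data; the IP header (source 0.0.0.0, destination 255.255.255.255 for the Discover) sits outside the DHCP payload and is not modelled here.

```python
"""DORA exchange on the wire (constructed example, not from the page)."""
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
BOOTREQUEST, BOOTREPLY = 1, 2
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5          # option 53 message-type codes
# Option codes used below (RFC 2132 numbering)
OPT_MASK, OPT_ROUTER, OPT_DNS, OPT_REQ_IP = 1, 3, 6, 50
OPT_LEASE, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 51, 53, 54, 255
HEADER_FMT = "!BBBBIHH4s4s4s4s16s64s128s"           # 236-byte fixed header


def _ip(dotted):
    """Dotted-quad string -> 4 network-order bytes."""
    return ipaddress.IPv4Address(dotted).packed


def build(op, msg_type, xid, chaddr, yiaddr="0.0.0.0", options=()):
    """Serialize one DHCP message: fixed header + magic cookie + TLV options."""
    fixed = struct.pack(HEADER_FMT,
                        op, 1, 6, 0, xid, 0, 0x8000,      # htype=Ethernet, hlen=6, broadcast flag set
                        _ip("0.0.0.0"), _ip(yiaddr), _ip("0.0.0.0"), _ip("0.0.0.0"),
                        chaddr.ljust(16, b"\x00"), b"\x00" * 64, b"\x00" * 128)
    opts = bytes([OPT_MSG_TYPE, 1, msg_type])
    for code, value in options:
        opts += bytes([code, len(value)]) + value
    return fixed + MAGIC_COOKIE + opts + bytes([OPT_END])


def parse(data):
    """Decode the fixed header and the option TLVs into a dict."""
    f = struct.unpack(HEADER_FMT, data[:236])
    if data[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (bad magic cookie)")
    msg = {"op": f[0], "xid": f[4],
           "ciaddr": str(ipaddress.IPv4Address(f[7])),
           "yiaddr": str(ipaddress.IPv4Address(f[8])),
           "giaddr": str(ipaddress.IPv4Address(f[10])),
           "chaddr": f[11][:f[2]],                      # hlen bytes of the 16-byte field
           "options": {}}
    i = 240
    while i < len(data):
        code = data[i]
        if code == OPT_END:
            break
        if code == 0:                                   # pad option has no length byte
            i += 1
            continue
        length = data[i + 1]
        msg["options"][code] = data[i + 2:i + 2 + length]
        i += 2 + length
    return msg


def dora(client_mac, xid=0x3903F326):
    """Run Discover / Offer / Request / Ack in memory; return the parsed messages."""
    # 1. Discover: the client has no address yet (ciaddr 0.0.0.0) and asks for any server
    discover = build(BOOTREQUEST, DISCOVER, xid, client_mac)
    # 2. Offer: the simulated server proposes a lease plus mask, router, DNS (sample values)
    lease_opts = [(OPT_MASK, _ip("255.255.255.0")), (OPT_ROUTER, _ip("192.0.2.1")),
                  (OPT_DNS, _ip("192.0.2.53")), (OPT_LEASE, struct.pack("!I", 86400)),
                  (OPT_SERVER_ID, _ip("192.0.2.10"))]
    offer = build(BOOTREPLY, OFFER, xid, client_mac, yiaddr="192.0.2.100", options=lease_opts)
    offered = parse(offer)
    # 3. Request: the client asks that server for exactly the address it was offered
    request = build(BOOTREQUEST, REQUEST, xid, client_mac, options=[
        (OPT_REQ_IP, _ip(offered["yiaddr"])),
        (OPT_SERVER_ID, offered["options"][OPT_SERVER_ID])])
    # 4. Acknowledge: the server commits the lease and repeats the parameters
    ack = build(BOOTREPLY, ACK, xid, client_mac, yiaddr=offered["yiaddr"], options=lease_opts)
    return {"discover": parse(discover), "offer": offered,
            "request": parse(request), "ack": parse(ack)}


def lease_summary(ack):
    """The four settings a host needs, as carried in the Acknowledge."""
    o = ack["options"]
    return {"ip": ack["yiaddr"],
            "mask": str(ipaddress.IPv4Address(o[OPT_MASK])),
            "gateway": str(ipaddress.IPv4Address(o[OPT_ROUTER])),
            "dns": str(ipaddress.IPv4Address(o[OPT_DNS]))}
```

Calling `dora(b"\x00\x11\x22\x33\x44\x55")` returns all four parsed messages sharing one xid; `lease_summary` on the Ack gives the host its own IP, mask, default gateway and DNS server, which is exactly the list in card 7.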
8
Q

On which router interface should the ip helper-address command be configured for a subnet whose hosts need their network settings from a DHCP server?

A

The interface connected to the client subnet, i.e., the one that receives the clients’ DHCP broadcasts

9
Q

macOS uses what command in order to view the IP configuration?

A

ifconfig

10
Q

What IP address does a host use as the source address when sending out a discover message to a DHCP server?

A

0.0.0.0

11
Q

DHCP Snooping on a switch acts like a what?

A

A firewall

12
Q

What does DHCP snooping do?

A

It examines DHCP messages arriving on switch ports in the VLANs where it is enabled. It filters DHCP server messages (Offer and Acknowledge) that arrive on untrusted ports, so a spurious or rogue DHCP server connected to such a port cannot hand out IP network settings.

13
Q

With DHCP snooping, all ports are in what state by default?

A

untrusted

14
Q

What are the 3 DHCP snooping rules?

A
  1. DHCP messages received on an untrusted port are discarded if they are server messages (Offer, Acknowledge)
  2. DHCP messages received on an untrusted port that are normally sent by a client (Discover, Request, Release, Decline) are forwarded, but may be filtered if they look like part of an attack
  3. DHCP messages received on a trusted port are forwarded. Trusted ports do NOT filter any DHCP messages.
15
Q

Explain the DHCP Release and DHCP decline messages

A

DHCP Release- client message telling the server it no longer needs the IP address, so the lease can be reclaimed
DHCP Decline- client message telling the server the assigned address is unusable (for example, the client found it already in use), so the server should not lease it

16
Q

DHCP snooping compares the Ethernet source MAC address of the frame with the client hardware address field inside the DHCP message, known as the what?

A

the chaddr (client hardware address field of the DHCP header)

17
Q

What must be true about the chaddr and the source MAC of the received frame on a switch interface that is using DHCP snooping?

A

They must be the same

18
Q

How could an attacker utilize the chaddr in order to use up all of the IP addresses in a DHCP scope/range? What would this attack be called?

A

The attacker could keep its real source MAC on each frame but put a different chaddr in every Discover/Request, so the server leases an address to each fake client until the scope is empty. This is a DHCP starvation attack. DHCP snooping blocks it on untrusted ports by discarding client messages whose chaddr does not match the frame’s source MAC.

19
Q

What does a switch use with DHCP snooping in order to build an entry for all DHCP flows? What does this do for the switch?

A

A DHCP Snooping Binding Table. This allows the switch to keep a list of important facts about legitimate DHCP flows, and can be used along with Dynamic ARP Inspection (DAI) to make decisions.

20
Q

DHCP Snooping must be enabled how in order to work?

A

Globally, listing the VLANs to be used, and with ports configured as trusted for the necessary network devices and servers.

21
Q

The no ip dhcp snooping information option global command is used to do what?

A

Stop the switch from inserting the extra (Option 82) fields into the DHCP messages it forwards

22
Q

What uses the new fields with respect to DHCP?

A

DHCP relay agents

23
Q

What are these new fields defined as?

A

Option 82 (the DHCP Relay Agent Information option), defined in RFC 3046.

24
Q

If a switch is not working as a DHCP relay, and you want to make DHCP snooping work, what must you do and why?

A

Disable Option 82 (no ip dhcp snooping information option). A switch working as a DHCP relay needs Option 82 enabled so that it can add the Option 82 fields when forwarding DHCP messages to the server. A switch that is not acting as a relay needs Option 82 disabled so that it does not add these fields to messages it merely passes along, which would cause the relay router or server to discard them.

25
Q

DHCP Snooping uses the general-purpose CPU on a switch. Attackers can try to generate large volumes of DHCP messages to overload the CPU, so that DHCP messages are no longer examined and the attacker can get through. What can we do to combat this, and what command is used?

A

Rate limiting

Command- ip dhcp snooping limit rate <messages-per-second> (interface subcommand); when the rate is exceeded, IOS places the port in the err-disabled state

26
Q

What does Dynamic ARP Inspection (DAI) do?

A

Examines ARP messages (requests and replies) arriving on untrusted ports for potential attacks by comparing the sender MAC/IP pair against the DHCP Snooping Binding Table and any ARP ACLs configured.
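
The switch-side decision logic from cards 13, 14, 16 through 19, 25 and 26 (untrusted-by-default ports, the three filtering rules, the chaddr-versus-source-MAC check that stops starvation, the binding table, rate limiting and DAI) modelled in Python as an added example; this is not Cisco’s implementation or code from the flashcards. Messages are passed in as already-parsed records rather than raw frames. Assumptions: port names, MACs and addresses are constructed sample values; the binding is learned by matching the Acknowledge’s xid to the earlier Request seen on the client port; the rate limit counts messages per untrusted port per whole second and err-disables the port on overflow; ARP ACLs are not modelled.

```python
"""DHCP snooping + DAI decision logic (constructed model, not Cisco's code)."""
from collections import defaultdict
from dataclasses import dataclass

DISCOVER, OFFER, REQUEST, DECLINE, ACK, NAK, RELEASE = 1, 2, 3, 4, 5, 6, 7
SERVER_TYPES = {OFFER, ACK, NAK}            # only a DHCP server legitimately sends these


@dataclass(frozen=True)
class DhcpFrame:
    port: str                  # ingress switch port, e.g. "Gi0/1" (sample name)
    src_mac: str               # Ethernet source address of the frame
    msg_type: int              # DHCP option 53 value
    chaddr: str                # client hardware address field inside the DHCP header
    xid: int
    yiaddr: str = "0.0.0.0"    # address assigned (meaningful in OFFER/ACK)


class SnoopingSwitch:
    def __init__(self, trusted_ports, limit_pps=None):
        self.trusted = set(trusted_ports)   # every other port is untrusted by default
        self.limit_pps = limit_pps          # per-port rate limit for untrusted ports (None = off)
        self.bindings = {}                  # chaddr -> (ip, client port): the snooping binding table
        self.pending = {}                   # xid -> (chaddr, client port) awaiting an ACK
        self.err_disabled = set()
        self.counts = defaultdict(int)      # (port, second) -> DHCP messages seen

    def receive(self, f: DhcpFrame, now: float) -> str:
        """Return 'forward' or 'drop: <reason>' for one DHCP message."""
        if f.port in self.err_disabled:
            return "drop: port err-disabled"
        if f.port in self.trusted:
            # Rule 3: trusted ports are never filtered; learn bindings from ACKs
            if f.msg_type == ACK and f.xid in self.pending:
                chaddr, client_port = self.pending.pop(f.xid)
                self.bindings[chaddr] = (f.yiaddr, client_port)
            return "forward"
        # --- untrusted port from here on ---
        if self.limit_pps is not None:
            key = (f.port, int(now))
            self.counts[key] += 1
            if self.counts[key] > self.limit_pps:
                self.err_disabled.add(f.port)
                return "drop: rate limit exceeded, port err-disabled"
        if f.msg_type in SERVER_TYPES:
            # Rule 1: a rogue server behind a user port
            return "drop: server message on untrusted port"
        if f.chaddr.lower() != f.src_mac.lower():
            # Rule 2: starvation pattern (same real MAC, varying chaddr)
            return "drop: chaddr does not match source MAC"
        if f.msg_type in (RELEASE, DECLINE):
            # Rule 2: only the host that holds the binding may release/decline it
            bound = self.bindings.get(f.chaddr)
            if bound is None or bound[1] != f.port:
                return "drop: release/decline does not match binding table"
        if f.msg_type in (DISCOVER, REQUEST):
            self.pending[f.xid] = (f.chaddr, f.port)
        return "forward"

    def check_arp(self, port, sender_mac, sender_ip):
        """Dynamic ARP Inspection: on untrusted ports the ARP sender MAC/IP pair
        must match a snooping binding learned on that same port."""
        if port in self.trusted:
            return "forward"
        bound = self.bindings.get(sender_mac)
        if bound and bound[0] == sender_ip and bound[1] == port:
            return "forward"
        return "drop: ARP sender does not match binding table"


def starvation_attempt(switch, port, real_mac, count):
    """Attacker keeps its real source MAC but varies chaddr per Discover.
    Returns how many Discovers the switch forwarded (should be zero)."""
    forwarded = 0
    for i in range(count):
        fake_chaddr = f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}"
        frame = DhcpFrame(port, real_mac, DISCOVER, fake_chaddr, xid=0x1000 + i)
        forwarded += switch.receive(frame, now=0.0) == "forward"
    return forwarded
```

A full DORA run with the server on a trusted port populates `bindings`; after that, an Offer arriving on a user port is dropped, an ARP from a host claiming an IP it was never leased is dropped by `check_arp`, and `starvation_attempt` shows that varying chaddr behind one real MAC gets nothing through an untrusted port.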

27
Q

There are times when a host might want everyone on the subnet to know its MAC address. In this situation, what kind of ARP reply is sent out?

A

Gratuitous ARP. It is sent without having first received an ARP request and is sent to an Ethernet destination broadcast address so that all hosts in the subnet receive the message.

28
Q

What global command enables DHCP Snooping?

A

ip dhcp snooping