Episode 702 – DHCP Exhaustion and DNS Man-in-the-Middle

With a mixture of in-studio and on location in Dublin this week we’re talking to Robin Wood about DHCP Exhaustion and DNS Man-in-the-Middle attacks, talking Metasploit modules and a Pineapple Monkey half-breed.

Download HD Download MP4 Download XviD Download WMV

DHCP Exhaustion and DNS Man-in-the-Middle Attacks

Rather than your typical ARP based Man-In-The-Middle attack, Robin wood brings us two metasploit modules for both denial of service attacking a DHCP server and deploying a rogue DHCP server of your own with a DNS MiTM to boot. Check out the Metasploit DNS and DHCP Exhaustion – BETA at Digininja.org.

The JasagerInterceptor – a Pineapple Monkey mashup

This week we take a look within the community and highlight some of the awesome work done by Beakmyn. In an answer to Deathray’s thread on a Jasager with a network tap like the Interceptor, he brings you just such project. Behold the JasagerInterceptor. I’ve seen it with my own eyes at Shmoocon and I must say it’s a nifty bit of kit.


  • soupman

    DHCP Exhaustion, loving it. I see it also being us full on your own network of you want to make 100% sure that no rogue device shows up, nab all the IPs for yourself so nobody is able to connect!(cant help but think I’m stating the obvious here lol) Great episode as always, wish you could have come down south of UK Darren!
    Peace 🙂

  • Ben

    What, no mention of how to help prevent against this type of attack??

    1. Shorten your DHCP lease times. DHCP clients issue a DHCPREQUEST to renew their lease prior to the end of the lease. I believe most clients wait until the lease is 1/2 over to issue the first DHCPREQUEST.

    2. Watch your network for rogue DHCP servers. If someone else is issuing DHCPOFFER packets you can monitor this using your IDS/IPS and take action.

    3. Segment your network and only allow DHCPREQUEST traffic to be relayed to your DHCP server.

  • Slasher

    Or as soupman said, take all the ip’s for yourself. Also on my router (Netgear) you can restrict the range of ip’s it will hand out, so if i only have say 2 pc’s i need wireless with, i can change it from to

  • SherrieMEggink

    Hello! Someone in my Facebook group shared this site with us so I came to check it
    out. I’m definitely enjoying the information. I’m book-marking and will be tweeting this
    to my followers! Terrific blog and superb style and design.

  • Toronto Maple Leafs

    Toronto Maple Leafs ?f you ?re intere?ted in wholesale Jerseys, doo not hesitate ?ny mor?.
    ?elcome to o?r NFL jerseys outlet store!
    ?on’t miss this golden chance, w? a?e l?oking forward ?our order all th? time.
    Speck Candyahell Iphone ?ase

  • NievesULefleur

    Hi, Neat post. There is a problem along with your site in web explorer, could test this?
    IE nonetheless is the marketplace chief and a huge part of other
    people will miss your excellent writing due to this problem.

  • CarolannKSteinmeiz

    Hmm it looks like your site ate my first comment (it was super long) so I guess I’ll just sum it
    up what I had written and say, I’m thoroughly enjoying your blog.
    I too am an aspiring blog writer but I’m still new to everything.

    Do you have any tips and hints for rookie blog writers?

    I’d certainly appreciate it.

  • AlainaCAbousaleh

    What’s Happening i am new to this, I stumbled upon this
    I have discovered It positively helpful and it has helped me
    out loads. I hope to contribute & aid different customers like its helped me.

    Good job.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>