1 00:00:00,650 --> 00:00:07,490 ‫Now, similar to the other types of spoofing attacks, dynamic host configuration protocol, the HDP 2 00:00:07,490 --> 00:00:14,960 ‫spoofing involves an attacker pretending to be someone else, in this case acting as a legitimate DHP 3 00:00:14,960 --> 00:00:15,350 ‫server. 4 00:00:16,320 --> 00:00:22,110 ‫Since DHP is used on most networks to provide addressing and other common information and clients, 5 00:00:22,410 --> 00:00:25,770 ‫losing control of this part of the network can be dangerous. 6 00:00:28,350 --> 00:00:36,240 ‫Dynamic host configuration protocol DHP now it's a protocol used to provide automatic and central management 7 00:00:36,240 --> 00:00:39,030 ‫for the distribution of IP addresses within a network. 8 00:00:40,620 --> 00:00:47,640 ‫It's also used to configure the proper subnet mask, default gateway and DNS server information on the 9 00:00:47,640 --> 00:00:48,150 ‫device. 10 00:00:49,220 --> 00:00:57,770 ‫In most homes and small businesses, the router acts as a DHCP server in large networks, a single computer 11 00:00:57,800 --> 00:00:59,600 ‫might act as a DHP server. 12 00:01:00,820 --> 00:01:07,990 ‫In short, the process goes like this bit of ice, the client requests an IP address from a router, 13 00:01:08,350 --> 00:01:08,830 ‫the host. 14 00:01:09,740 --> 00:01:15,920 ‫After which the host assigns an available IP address to allow the client to communicate on the network. 15 00:01:17,270 --> 00:01:20,500 ‫So let's look at some of the advantages of using the HP. 16 00:01:21,670 --> 00:01:28,600 ‫A computer or any other device that connects to a network local or internet must be properly configured 17 00:01:28,600 --> 00:01:30,100 ‫to communicate on that network. 18 00:01:30,130 --> 00:01:34,960 ‫Makes sense since DHP allows that configuration to happen automatically. 19 00:01:35,410 --> 00:01:40,390 ‫It's used in almost every device that connects to a network, including computers, switches, smartphones, 20 00:01:40,390 --> 00:01:41,560 ‫gaming consoles, you name it. 21 00:01:42,990 --> 00:01:45,570 ‫And because of this dynamic IP address assignment. 22 00:01:46,600 --> 00:01:52,990 ‫There's less of a chance that two devices will have the same IP address, which is very easy to run 23 00:01:52,990 --> 00:01:56,470 ‫into when using manually assigned static IP addresses. 24 00:01:58,400 --> 00:02:05,120 ‫Using DHP also makes a network much easier to manage from an administrative point of view. 25 00:02:05,540 --> 00:02:10,820 ‫Every device on the network can get an IP address with nothing more than their default network settings, 26 00:02:11,180 --> 00:02:14,030 ‫which is set up to obtain an address automatically. 27 00:02:14,030 --> 00:02:17,840 ‫So that's easy gives them nothing to call the helpdesk about. 28 00:02:18,980 --> 00:02:24,830 ‫The only other alternative is to manually assign addresses to each and every device on the network. 29 00:02:26,220 --> 00:02:27,810 ‫You're not getting paid enough to do that. 30 00:02:29,600 --> 00:02:35,810 ‫So because these devices can get an IP address automatically, they can move freely from one network 31 00:02:35,810 --> 00:02:42,980 ‫to another, given that they're all set up with DHP and receive an IP address automatically, which 32 00:02:42,980 --> 00:02:44,720 ‫is super helpful with mobile devices. 33 00:02:45,990 --> 00:02:52,890 ‫Now, as a cyber security expert, you should know one more thing about the DHP mechanism. 34 00:02:53,980 --> 00:03:00,460 ‫The first device, which replies to a DHC Discovery request besides the configuration of the client. 35 00:03:01,910 --> 00:03:06,230 ‫There is not any mechanism to authenticate the DHP server. 36 00:03:08,450 --> 00:03:17,540 ‫Similarly, a DHP server tries to reply to all the DHP requests, and again, there is no authentication 37 00:03:17,540 --> 00:03:21,050 ‫mechanism for the client who request an IP. 38 00:03:21,410 --> 00:03:21,860 ‫You get it. 39 00:03:22,850 --> 00:03:23,600 ‫I think you do. 40 00:03:24,020 --> 00:03:26,450 ‫What if a hacker replies before the real date? 41 00:03:27,380 --> 00:03:34,070 ‫Or what if a client sends a lot of DHCP discovery requests by changing the Mac address each time?