Block DHCP Attacks - Deep Dive
Рет қаралды 1,697
Күн бұрын
@TheNetworkTrip 2 ай бұрын
DHCP attacks can catch networks off guard, but there are ways to block them. Have any thoughts or experiences with DHCP security? Share your insights below!
@XtrAMassivE 29 күн бұрын
This was very helpful, thank you
@Ventrixcode 2 ай бұрын
Thank's for the great Video. What tool are you using for the Network Simulation?
@TheNetworkTrip 2 ай бұрын
Hello! I use GNS3
@brunomartins5330 2 ай бұрын
Hello, I have the following question, I don't know if you can answer it... if we have one or more switches in front of the switch that interconnects with the router, we have to place the "trunk" (fiber) ports as "trusted" that interconnect the switches between them? Where several VLANS pass as explained in your video "Mikrotik VLANs - CRS3XX Step by Step - Mikrotik Tutorial". Thanks.
@TheNetworkTrip 2 ай бұрын
Hello! That’s correct, the trunk interfaces will be trusted.
@brunomartins5330 2 ай бұрын
@@TheNetworkTrip Thanks. I will do it.
@biki1973 2 ай бұрын
hmm since you redirect to cpu only packets that are on selected interfaces and of selected type and port destination is it still necessary to specify everything on bridge filter? i mean wouldn't it be enough to only match mac addresses and allow/block then and let the switch chip do the work of filtering out dhcp packets?
@TheNetworkTrip 2 ай бұрын
Hello! The chip is redirecting all traffic to UDP ports 67 and 68. During a DHCP starvation attack, the packets will still reach the CPU, so you need to block them manually. The chip does not block frames on its own. For DHCP snooping, no additional filters are required, as I demonstrated in the video.
@biki1973 2 ай бұрын
@@TheNetworkTrip yes i understand, i'm talking about the fact that switch chip will redirect only packets that are udp and 67-68 port src/dst so you don't need to check it again at bridge filter, and only check mac address i think less cpu based matching should be a bit faster
@TheNetworkTrip 2 ай бұрын
That’s correct if those are the only rules under the bridge. However, in a production environment, there may be additional rules targeting other traffic, so it’s important to be specific. The goal of the video is to show what’s happening first, and if we get it, we can customize the configuration as needed. There are tons of potential things we can do, but the video would be extremely longer.
@n56241 2 ай бұрын
Thanks
@TheNetworkTrip 2 ай бұрын
Welcome 🙏
@nikolashuminosky6987 2 ай бұрын
@TheNetworkTrip well done. Can i ask you , can we get video about /ip cloud advanced set use-local-address=yes and what this does?
@TheNetworkTrip 2 ай бұрын
Thank you! IP Cloud is an interesting topic, I'll record a video about it.
@pbrigham 2 ай бұрын
In IPV6 I think he will have a bit of problem in exhausting the IPV6 addresses on a network:), is time we move on and leave IPV4 behind.
@TheNetworkTrip 2 ай бұрын
100% agree!
@marine1718 24 күн бұрын
Hello i love your videos can you make a video about capsman? old one and new one please
seeVi la
Рет қаралды 46 МЛН
Wilmer Almazan / The Network Trip
Рет қаралды 4,4 М.
Admiral Platform (RemoteWinBox)
Рет қаралды 7 М.