User Tools
networking:dhcp_find_rogue
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
networking:dhcp_find_rogue [2018/07/20 12:33] gcooper |
networking:dhcp_find_rogue [2018/07/20 12:46] (current) gcooper |
||
|---|---|---|---|
| Line 33: | Line 33: | ||
| - **Filter** on '' | - **Filter** on '' | ||
| * Shows DHCP Offer packets | * Shows DHCP Offer packets | ||
| - | - | ||
| + | ===== Track It Down ===== | ||
| + | |||
| + | From a CMD prompt, you can check for: | ||
| + | |||
| + | * Reverse DNS info | ||
| + | * Find the MAC address | ||
| + | * Check for NETBIOS name | ||
| + | |||
| + | < | ||
| + | nslookup <IP of rogue DHCP server> | ||
| + | </ | ||
| + | |||
| + | < | ||
| + | ping <IP of rogue DHCP server> | ||
| + | arp -a | ||
| + | </ | ||
| + | |||
| + | < | ||
| + | nbtstat -A <IP of rogue DHCP server> | ||
| + | </ | ||
| + | |||
| + | Knowing the manufacturer of the rogue device might help, once you know the MAC address. | ||
| + | |||
| + | https:// | ||
| + | |||
| + | Finally, use ' | ||
networking/dhcp_find_rogue.1532111628.txt.gz · Last modified: 2018/07/20 12:33 by gcooper
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
