The DHCP starvation attack is a type of DHCP server attack in which an attacker creates faked DHCP queries with the goal of consuming all of the DHCP server's available IP addresses. Legitimate network users may be refused service as a result of this assault.
An attacker uses faked (counterfeit) MAC addresses to flood an Ethernet LAN with DHCP queries in a DHCP starvation attack. The switch's trusted DHCP server or servers can no longer keep up with the requests, and valid DHCP clients on the switch can no longer be assigned IP addresses or lease times.
In a DHCP Starvation attack, an adversary sends a large number of fake DISCOVER packets until the DHCP server believes it has exhausted its available pool. Clients that are asking for IP addresses are told there are none available, and they are denied service.
Clients who are legitimate are unable to lease IP addresses. Clients are assigned IP addresses by a rogue DHCP server. Clients are given inaccurate DNS and default gateway information by the attacker.
When a genuine client requests an IP address from an overloaded DHCP server, a DHCP starvation attack causes a denial of service (DoS). An attempt at a Man-in-the-Middle (MITM) attack is frequently followed by a DHCP starvation assault.
Cyber Forensics Masterclass with Hands on learning