Microsoft Rogue Detection Tool - gHacks Tech News

Microsoft Rogue Detection Tool

microsoft windowsRogue DHCP Server Detection Tool has been created by the Microsoft Windows DHCP Team to provide system administrators and users with a tool to detect rogue DHCP servers. The team classifies rogue DHCP servers as servers that have been unintentionally misconfigured, unauthorized unknowingly or configured with malicious intent. The impact of these servers on clients that are served by it can be quite critical including the possibilities for network access problems but also sniffing network traffic sent by clients.

The security program is a portable application that can be started right after downloading it from the Technet servers. It will display a graphical user interface that will list all discovered DHCP servers. A click on the Detect Rogue Server button is required to initiate the scan of the computer network.

microsoft rogue detection tool

The Microsoft Rogue Detection Tool will then display all DHCP servers in the list that it considers rogue servers (It is not clear if it classifies all servers as rogue servers in the beginning). Information like the server IP, gateway address and offered client IP are displayed in the list. It is possible to check the valid DHCP server box to classify the server as a valid server which will make that information persistent.

The program can be configured to run once or at specified intervals. It is furthermore possible to select only specific interfaces. Currently only IPv4 interfaces are supported with plans to add IPv6 interfaces in the future.

Microsoft's Rogue Detection Tool can be downloaded from the announcement page over at the DHCP Team blog.


We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Previous Post: «
Next Post: »


  1. Rarst said on July 7, 2009 at 8:01 pm

    Awesome. There are few things that make huge network go haywire faster than some stupid stupid router imaging itself to be domain DHCP server. :)

    Will have plenty of use for this one, thanks!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.