Rogue DHCP Server Detection Tool has been created by the Microsoft Windows DHCP Team to provide system administrators and users with a tool to detect rogue DHCP servers. The team classifies rogue DHCP servers as servers that have been unintentionally misconfigured, unauthorized unknowingly or configured with malicious intent. The impact of these servers on clients that are served by it can be quite critical including the possibilities for network access problems but also sniffing network traffic sent by clients.
The security program is a portable application that can be started right after downloading it from the Technet servers. It will display a graphical user interface that will list all discovered DHCP servers. A click on the Detect Rogue Server button is required to initiate the scan of the computer network.
The Microsoft Rogue Detection Tool will then display all DHCP servers in the list that it considers rogue servers (It is not clear if it classifies all servers as rogue servers in the beginning). Information like the server IP, gateway address and offered client IP are displayed in the list. It is possible to check the valid DHCP server box to classify the server as a valid server which will make that information persistent.
The program can be configured to run once or at specified intervals. It is furthermore possible to select only specific interfaces. Currently only IPv4 interfaces are supported with plans to add IPv6 interfaces in the future.
Microsoft's Rogue Detection Tool can be downloaded from the announcement page over at the DHCP Team blog.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.