Tuesday, February 23, 2010

Network: How to find a rogue DHCP server in your network

I've recently had a situation when someone set up a rogue DHCP server in our network. While my machine was able to connect to a proper server, my router was stubbornly picking up a bogus one.

To find if you network has a rogue DHCP server use a utility from Microsoft called dhcploc.exe. It allows you to send out a DHCP request and capture the DHCP offer data.

Note: dhcploc does work in Vista and Windows 7, but the installer does not. Download Windows XP Service Pack 2 Support Tools. Then extract all the files within the MS exe archive. Alternatively you can find it in one of the cabs in \support\tools\ on the Windows XP cd.

dhcploc your IP address
in a command prompt and wait for the replies.

No comments: