Netgear FS728TPv2 FS728TP Software Administration Manual - Page 70

FS728TP Smart Switch Software Administration Manual Services - DHCP Filtering DHCP Filtering is a useful feature that can be employed as a security measure against unauthorized DHCP servers. A known attack is when an unauthorized DHCP server responds to a client that is requesting an IP address. The server configures the gateway for the client to be equal to the IP address of the server. At that point, the client sends all of its IP traffic destined to other networks to the unauthorized machine. This gives the attacker the possibility of snooping traffic for passwords or employing a man-in-the-middle attack. DHCP Filtering works by allowing the administrator to configure each port as either a trusted port or an untrusted port. The port that has the authorized DHCP server should be configured as a trusted port. Any DHCP responses received on a trusted port are forwarded. All other ports should be configured as untrusted. Any DHCP (or BootP) responses received are discarded. From the Services link, you can access the following pages: • DHCP Filtering Configuration on page 70 • Interface Configuration on page 71 DHCP Filtering Configuration Use the DHCP Filtering Configuration page to enable or disable the DHCP Filtering feature on the switch. To access the DHCP Filter Configuration page, click System Services  DHCP Filtering  Configuration. To configure global DHCP filtering settings: 1. In the Admin Mode field, select Enable or Disable to turn the DHCP Filtering feature on or off. 2. Click Apply to apply the change to the system. Configuration changes take effect immediately. 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. 70 | Chapter 2: Configuring System Information