DHCP Server Attack
Posted on 2008-01-30
This morning users started to get IP Address conflicts on the network. I immediatley thought I had a rogue DHCP server on the network, but I did not. In the DHCP manager I kept seeing "Bad Address" for many IP Addresses. Well, I imported today's log file into excel and figured out that 2 MAC addresses on my network were being assigned all of the addressed therefore causing the issue. I found the two offending computers, they were Apple MACS.
Anyone ever see this happen or know of some Apple virus that is supposed to hit today? It is basically a denial of service attack if you think about it, but from the inside.
Any help/answers would be appreciated.