Quick Reference Guide
GS108T and GS110TP Smart Switch Software Administration Manual
Configuring System Information 2-45
v1.0, April 2010
Services — DHCP Filtering
DHCP Filtering is a useful feature that can be employed as a security measure against
unauthorized DHCP servers. A known attack is when an unauthorized DHCP server responds to a
client that is requesting an IP address. The server configures the gateway for the client to be equal
to the IP address of the server. At that point, the client sends all of its IP traffic destined to other
networks to the unauthorized machine. This gives the attacker the possibility of snooping traffic
for passwords or employing a man-in-the-middle attack. DHCP Filtering works by allowing the
administrator to configure each port as either a trusted port or an untrusted port. The port that has
the authorized DHCP server should be configured as a trusted port. Any DHCP responses received
on a trusted port are forwarded. All other ports should be configured as untrusted. Any DHCP (or
BootP) responses received are discarded.
From the Services link, you can access the following pages:
• “DHCP Filtering Configuration” on page 2-45
• “Interface Configuration” on page 2-46
DHCP Filtering Configuration
Use the DHCP Filtering Configuration page to enable or disable the DHCP Filtering feature on the
switch.
To access the DHCP Filter Configuration page, click System Services DHCP Filtering
Configuration.