Detecting Other DHCP Servers

From WiDirect
Jump to: navigation, search

Rogue DHCP servers can cause connection problems for your users. To detect other DHCP servers on the WiDirect you can download the roguedetect package by running these commands in an SSH window:

su -
yum install libpcap-devel gcc
perl -MCPAN -e "install Net::RawIP"
wget http://downloads.sourceforge.net/project/roguedetect/roguedetect/0.3/roguedetect-0.3.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Froguedetect%2F\&ts=1334850594\&use_mirror=iweb
tar xfz roguedetect-0.3.tar.gz
cd roguedetect
emacs dhcpDetector.pl

After running the third command above you may be prompted with various questions. Simply choose the default for each one. The last three questions may ask you to specify your region and country.

Edit line 83 of the file to specify which interface to listen on. The default is eth3. You may want eth1 or eth0. After saving your changes run the detector with this command:

./dhcpDetector.pl

To automatically run the script at intervals you can run the "crontab -e" command and update the contents to look like this:

*/27 * * * * /root/roguedetect/dhcpdetector.pl > /var/log/roguedhcp.log 2>&1

The DHCP detector will run and will identify any DHCP servers. To view the results you can view the messages file:

tail -n 20 /var/log/messages

The results can also be viewed on the log viewer from the WiDirect or WiClient GUI. That can be helpful if the detector is set to run at regular intervals.