Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.



Detect runaway DHCP clients

Posts: 12
972     0

I'm wondering how I would set up an alert to catch the occasional rogue client that absolutely hammers a DHCP server with repeat requests. Almost exclusively Cisco phones, once in a while, I'll get a device that issues a few thousand DHCP requests a minute in perpetuity and fills syslog files faster than logrotation can handle as scheduled, causing filesystem full alerts. I would love to get an email if such a client shows up on the network so I could tell the VOIP folks to kill the phone's switchport and possibly based on mac address, send the alert directly to their team.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You