Systems and methods for denying rogue DHCP services

US 7,756,976 B2
Filed: 03/18/2005
Issued: 07/13/2010
Est. Priority Date: 03/18/2005
Status: Active Grant

First Claim

Patent Images

1. A method of controlling dynamic host control protocol (DHCP) communication on a network comprising a plurality of DHCP servers, the method comprising:

configuring each of the plurality of DHCP servers to hold in memory all DHCP offers made by the DHCP server and lacking a response from a network switch, wherein the network switch includes at least one physical port designated as a port authorized to send DHCP offer frames and at least one physical port designated as a port unauthorized to send DHCP offer frames;

receiving a data frame at a physical port on the network switch;

if the data frame is a DHCP offer frame, determining whether the physical port of the network switch receiving the data frame is an authorized physical port to send DHCP offer frames based on whether the physical port comprises the at least one physical port designated as a port authorized to send DHCP offer frames;

in response to determining that the physical port is an authorized physical port to send DHCP offer frames, forwarding the received DHCP offer frame; and

in response to determining that the physical port is not an authorized physical port to send DHCP offer frames, dropping the received DHCP offer frame.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods of controlling dynamic host control protocol (DHCP) communication on a network are presented including: receiving a data frame on a network switch; and if the data frame is a DHCP offer frame that is not received from an authorized DHCP server port, dropping the data frame. In some embodiments, methods further include if the data frame is not the DHCP offer frame, forwarding the data frame. In some embodiments, methods further include if the data frame is the DHCP offer frame that is received from the authorized DHCP server port, forwarding the data frame.

5 Citations

View as Search Results

24 Claims

1. A method of controlling dynamic host control protocol (DHCP) communication on a network comprising a plurality of DHCP servers, the method comprising:
- configuring each of the plurality of DHCP servers to hold in memory all DHCP offers made by the DHCP server and lacking a response from a network switch, wherein the network switch includes at least one physical port designated as a port authorized to send DHCP offer frames and at least one physical port designated as a port unauthorized to send DHCP offer frames;
  
  receiving a data frame at a physical port on the network switch;
  
  if the data frame is a DHCP offer frame, determining whether the physical port of the network switch receiving the data frame is an authorized physical port to send DHCP offer frames based on whether the physical port comprises the at least one physical port designated as a port authorized to send DHCP offer frames;
  
  in response to determining that the physical port is an authorized physical port to send DHCP offer frames, forwarding the received DHCP offer frame; and
  
  in response to determining that the physical port is not an authorized physical port to send DHCP offer frames, dropping the received DHCP offer frame.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 further comprising:
    - if the data frame is not a DHCP offer frame, forwarding the data frame.
  - 3. The method of claim 1, wherein the holding in memory of all DHCP offers made by the DHCP servers and lacking a response from the network switch causes a memory buffer of a rogue DHCP server to overflow and to eventually stop issuing rogue DHCP offers at some point.
  - 4. The method of claim 1 further comprising:
    - logging an event in response to the dropping the data frame.
  - 5. The method of claim 4 wherein the logging the event comprises:
    - storing a flag type entry;
      
      storing a rogue DHCP port entry; and
      
      storing a timestamp entry for the event.
  - 6. The method of claim 1 further comprising:
    - generating an alert in response to the dropping the data frame.
  - 7. The method of claim 1 wherein determining whether the physical port of the network switch is an authorized physical port to send DHCP offer frames is not based on an identity of a data source transmitting the DHCP offer frame to the physical port.

8. A method of disabling a rogue dynamic host control protocol (DHCP) server processes on a DHCP enabled network comprising a plurality of DHCP servers, the method comprising:
- configuring each of the plurality of DHCP servers to hold in memory all DHCP offers made by the DHCP server and lacking a response from a DHCP enabled network switch, wherein the DHCP enabled network switch includes at least one physical port designated as a port authorized to send DHCP offer frames and at least one physical port designated as a port unauthorized to send DHCP offer frames;
  
  receiving a client frame at a physical port on the DHCP enabled network switch;
  
  if the client frame is a DHCP offer frame, determining whether the physical port of the DHCP enabled network switch receiving the data frame is an authorized physical port to send DHCP offer frames based on whether the physical port comprises the at least one physical port designated as a port authorized to send DHCP offer frames; and
  
  in response to determining that the physical port is an authorized physical port to send DHCP offer frames, forwarding the received DHCP offer frame, wherein the network switch drops the received DHCP offer frame in response to determining that the physical port is not an authorized physical port to send DHCP offer frames.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8 further comprising:
    - if the client frame is not a DHCP offer frame, forwarding the client frame.
  - 10. The method of claim 8, wherein the holding in memory of all DHCP offers made by the DHCP servers and lacking a response from the DHCP enabled network switch causes a memory buffer of a rogue DHCP server to overflow at some point.
  - 11. The method of claim 8 further comprising:
    - logging an event in response to the dropping the client frame.
  - 12. The method of claim 11 wherein the logging the event comprises:
    - storing a flag type entry;
      
      storing a designated port entry; and
      
      storing a timestamp entry for the event.
  - 13. The method of claim 8 further comprising:
    - generating an alert in response to the dropping the client frame.

14. A DHCP enabled network comprising:
- a plurality of DHCP servers each configured to hold in memory all DHCP offers made by the DHCP server and lacking a response from a DHCP enabled network switch, wherein the DHCP enabled network switch includes at least one physical port designated as a port authorized to send DHCP offer frames and at least one physical port designated as a port unauthorized to send DHCP offer frames; and
  
  the DHCP enabled network switch comprising;
  
  a client frame receiving component for receiving a client frame at a physical port on the DHCP enabled network switch; and
  
  a DHCP server identification component for determining whether the client frame is a DCHP offer frame and, if the client frame is a DHCP offer frame, determining whether the physical port of the DHCP enabled network switch receiving the data frame is an authorized port to send DHCP offer frames based on whether the physical port comprises the at least one physical port designated as a port authorized to send DHCP offer frames, wherein the DHCP enabled network switch is configured to drop the received DHCP offer frame in response to determining that the physical port is not an authorized physical port to send DHCP offer frames.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The DHCP enabled network of claim 14 further comprising:
    - a data forwarding component for forwarding the client frame if the DHCP server identification component determines that the client frame is a DHCP offer frame and the physical port is an authorized physical port to send DHCP offers.
  - 16. The DHCP enabled network of claim 14 further comprising:
    - a logging component configured to log an event in response to determining that the client frame is a DCHP offer frame and that the physical port is not an authorized physical port to send DHCP offer frames.
  - 17. The DHCP enabled network of claim 16 wherein the event comprises:
    - a flag type entry;
      
      a designated port entry; and
      
      a timestamp entry.
  - 18. The DHCP enabled network of claim 14 further comprising:
    - a notification component configured to notify a user in response to determining that the client frame is a DCHP offer frame and that the physical port is not an authorized physical port to send DHCP offer frames.

19. A computer program product for use in conjunction with a computer system for disabling a rogue dynamic host control protocol (DHCP) server processes on a DHCP enabled network comprising a plurality of DHCP servers, the computer program product comprising a computer readable storage device and a computer program mechanism embedded therein, the computer program mechanism comprising:
- instructions for configuring each of the plurality of DHCP servers to hold in memory all DHCP offers made by the DHCP server and lacking a response from a DHCP enabled network switch, wherein the DHCP enabled network switch includes at least one physical port designated as a port authorized to send DHCP offer frames and at least one physical port designated as a port unauthorized to send DHCP offer frames;
  
  instructions for receiving a client frame at a physical port on the DHCP enabled network switch;
  
  if the client frame is a DHCP offer frame, instructions for determining whether the physical port of the DHCP enabled network switch receiving the data frame is an authorized physical port to send DHCP offer frames based on whether the physical port comprises the at least one physical port designated as a port authorized to send DHCP offer frames; and
  
  in response to determining that the physical port is not an authorized physical port to send DHCP offer frames, instructions for dropping the client frame thereby disabling rogue DHCP server processes on the DHCP enabled network.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The computer program product of claim 19, wherein the holding in memory of all DHCP offers made by the DHCP servers and lacking a response from the DHCP enabled network switch causes a memory buffer of a rogue DHCP server to overflow and to eventually stop issuing rogue DHCP offers at some point.
  - 21. The computer program product of claim 19 further comprising instructions for:
    - if the client frame is a DHCP offer frame that is received from an authorized physical port to send DHCP offer frames, forwarding the client frame.
  - 22. The computer program product of claim 19 further comprising:
    - instructions for logging an event in response to the dropping the client frame.
  - 23. The computer program product of claim 22 wherein the instructions for logging the event comprises:
    - instructions for storing a flag type entry;
      
      instructions for storing a designated port entry; and
      
      instructions for storing a timestamp entry for the event.
  - 24. The computer program product of claim 19 further comprising:
    - instructions for generating an alert in response to the dropping the client frame.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Purser, Jimmy Ray
Primary Examiner(s)
Flynn; Nathan
Assistant Examiner(s)
Park; Jeong S

Application Number

US11/084,440
Publication Number

US 20060212560A1
Time in Patent Office

1,943 Days
Field of Search

709/225
US Class Current

709/225
CPC Class Codes

H04L 61/5014 using dynamic host configur...

H04L 61/5046 Resolving address allocatio...

Systems and methods for denying rogue DHCP services

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

5 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for denying rogue DHCP services

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

5 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others