×

Systems and methods for detecting the insertion of poisoned DNS server addresses into DHCP servers

  • US 8,370,933 B1
  • Filed: 11/24/2009
  • Issued: 02/05/2013
  • Est. Priority Date: 11/24/2009
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method for detecting the insertion of poisoned Domain Name System (“

  • DNS”

    ) server addresses into Dynamic Host Configuration Protocol (“

    DHCP”

    ) servers, at least a portion of the method being performed by a client computing device comprising at least one processor, the method comprising;

    monitoring, at the client computing device, a DHCP server that provides DHCP services to the client computing device;

    identifying, by monitoring the DHCP server at the client computing device, a DNS server address provided by the DHCP server to the client computing device;

    determining, at the client computing device, that the DNS server address provided by the DHCP server differs from a prior DNS server address that was previously provided to the client computing device by the same DHCP server;

    determining, at the client computing device due at least in part to the DNS server address differing from the prior DNS server address, that a DNS server located at the DNS server address provided by the DHCP server represents a potential security risk;

    performing, at the client computing device, a security operation in an attempt to remedy the potential security risk.

View all claims
  • 6 Assignments
Timeline View
Assignment View
    ×
    ×