Dynamic Host Configuration Protocol (DHCP) is a standardized protocol (defined in RFC 2131) used in Internet Protocol (IP) networks for dynamically assigning IP addresses and other critical network configuration parameters to devices (clients) on the network. This automation simplifies network administration by reducing the need for manual configuration of individual devices.
A DHCP starvation attack involves an attacker sending a large number of DHCP requests, often with spoofed or random MAC addresses, to exhaust the pool of available IP addresses in the DHCP server's scope. Once the pool is depleted, legitimate clients attempting to get an IP address from the DHCP server will fail. As a result, these clients may fall back to APIPA (Automatic Private IP Addressing), which assigns them an IP address in the 169.254.x.x range. This fallback prevents them from accessing network resources that require a valid DHCP-assigned IP address, effectively causing a denial of service for legitimate users on the network.
****
A) Exploitation of DHCP relay agents to create man-in-the-middle positions...
This refers to more sophisticated attacks that involve intercepting DHCP traffic, such as DHCP spoofing or Man-in-the-Middle (MitM) attacks, rather than simply exhausting the DHCP pool.
B) Compromise of the DHCP server's lease database...
This suggests an attack that directly manipulates the DHCP server's internal data, which is not the primary focus of a DHCP starvation attack.
C) Saturation of switch CAM tables with spoofed MAC addresses...
This describes a MAC flooding attack, not a DHCP starvation attack. MAC flooding targets the switch's CAM table to force it into a fail-open mode, causing it to act like a hub and potentially leading to broadcast storms.