By default, the DHCP Server runs under the credentials of the computer account that is hosting it. If it happens to be running on a domain controller, it runs under the domain controller’s computer account. A domain controller has full permissions over any Active Directory-integrated zones it replicates. The result of the DHCP Server running on a domain controller means that if the DHCP Server has been configured to dynamically register DNS records on behalf of clients, it can potentially update any record stored in an Active Directory-integrated zone. Ultimately, that leaves the zones vulnerable to name hijacking, whereby a client can cause records to be overwritten that shouldn’t be. This can cause all sorts of havoc if an attacker starts replacing important records in your zones.

(more…)

This is useful if you believe there is a rogue DHCP Server causing problems for your clients.

The dhcploc command lets you see a computer’s DHCP traffic for a broadcast domain. Simply pass in the IP address of the machine from which you are running the command:

> dhcploc 192.168.32.24

(more…)

Any time you look at the performance statistics, you need an understanding of the baseline performance. For example, if you look at the number of DHCP acknowledgments per second and find that your server is currently at 7, how do you know if that is more or less than normal? You really need to become familiar with how much traffic your server is getting so that if you suspect your server is becoming overloaded, you have a frame of reference.

(more…)

The netsh tool makes it easy to import and export DHCP Server configuration information. In the CLI solution, I showed how to export all scope information, but you can specify a subset if you want only certain ones. The following command exports only the scopes pertaining to 10.1.2.0 and 10.1.3.0:

>  netsh dhcp server export C:\dhcp.txt 10.1.2.0 10.1.3.0

(more…)

The DHCP database contains all the scope information, reservations, leases, and options. The server also backs up a portion of the DHCP Server registry key, which contain settings related to database path and audit logs among other global settings. Most of these registry values can be set with netsh. Run netsh dhcp server set /? to get a list.

(more…)