DHCP Attacks — Starvation & Rogue Servers

DHCP hands every device on the network its IP, its gateway, and its DNS server — and like ARP, it was built to trust whatever shows up on the wire. That trust is two attacks: starve the legitimate server until it can hand out nothing, then stand up your own rogue server that answers first and quietly makes itself the gateway. Here is how DORA works, how both attacks abuse it, and why DHCP snooping is the one control that ends the whole class.