10-09-2023 08:26 PM
Hi everyone,
Is there anyway for us to utilize Palo NGFW to prevent or mitigate DHCP starvation attack.
For example, a user's BYOD device is infected with malware, after authenticated with eduroam network, the device start performing DHCP starvation attack without the user even realize.
I have tried looking online for solutions, there's recommendation such as DHCP snooping, port security in layer 2 but not sure if it is effective for shared network/wifi zone.
Thank you in advance your help!
10-10-2023 01:27 AM
Hello LuckyLau,
You can set some rate limiting toward the DHCP server with DoS profile.
But not sure it is as efficient as other L2 mechanism (I'm a fan of blocking as soon as possible an unwanted traffic)
Olivier
PCSNE - CISSP
Best Effort contributor
Check out our PANCast Channel
Disclaimer : All messages are my personal ones and do not represent my company's view in any way.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
