← Back to Explore
T1557.003
DHCP Spoofing
Adversaries may redirect network traffic to adversary-owned systems by spoofing Dynamic Host Configuration Protocol (DHCP) traffic and acting as a malicious DHCP server on the victim network. By achieving the adversary-in-the-middle (AiTM) position, adversaries may collect network communications, including passed credentials, especially those sent over insecure, unencrypted protocols. This may also enable follow-on behaviors such as [Network Sniffing](https://attack.mitre.org/techniques/T1040) o...
LinuxWindowsmacOS
1
Detections
1
Sources
0
Threat Actors
BY SOURCE
1sigma
PROCEDURES (1)
Authentication Monitoring1 detections
Auto-extracted: 1 detections for authentication monitoring