This DDOS attack will send DHCP discover messages until all available DHCP IP addresses within its scope are saturated. Once this attack is completed you could launch a rouge DHCP server and start poisoning DHCP clients with your router or DNS server information.
A tool which allows you to perform this attack is called Yersinia. This program is included in the well-known Linux penetration tool distribution BackTrack which is available for download on the following site:
http://www.backtrack-linux.org/
Steps to perform:
- Download BackTrack & Start your distribution
- Check that the DHCP Server has not leased all available addresses yet
- Login BackTrack and open a terminal window
- Type yersinia –G to start the graphic interface of Yersinia
- Click on the DHCP tab
- Click on the Attack tab and select the Sending DHCP Discover Packets option
- Click OK and watch the amount of requests send
- Click on the List Attacks tab
- Click on Cancel all Attacks
- Go back to you DHCP server and check if the amount of leased IP addresses has increased
RootSecurity 