Rogue Detect is a software that scans the network by sending DHCPDISCOVER packets and waits for responses from DHCP servers.
This software is written in Perl, which makes it easy to extend to take any custom action you can think of in response to an unknown DHCP server. Whether you need to send pages, disable them, or whatever else is necessary, this software can be customized to fit your needs.
To ensure seamless operation of Rogue Detect, there are some basic requirements to consider. These include Carp, Net::RawIP, Data::Dumper, FileHandle, POSIX (to do fork() stuff), and Net::SMTP (to send email). Once you have all these elements in place, installation is quick and easy.
To begin using Rogue Detect, all you need to do is unpack the DHCPDetect.pm and dhcpdetector.pl files and install the required Perl libraries from www.cpan.org. In Debian, you can use the command 'perl -MCPAN -eshell' for easy installation. Then, edit the dhcpdetector.pl file to include your DHCP server's IP addresses, your email address, and set the defaults to your liking.
After you've edited the file, set dhcpdetect.pl as executable (chmod u+x dhcpdetect.pl) and run it as root: ./dhcpdetect.pl. Then, watch as Rogue Detect tracks any DHCP server activity on your network.
The latest release of Rogue Detect (version X.X) includes an important update that fixes a serious logic issue. With this fix, you can expect Rogue Detect to be even more reliable and precise in detecting two DHCP offers that were within 1/10th of a second of each other. Overall, Rogue Detect is a highly recommended software tool for anyone looking to maintain strict control over their network's DHCP server activity.
Version 0.4 Beta 2: N/A