


In this tutorial we'll be retrieving user device information from Dynamic Host Configuration Protocol (DHCP) traffic as well as browser and operating system information from HTTP traffic. We're going to assume you already have Wireshark installed. If not, the installation is really simple and you can do it here.

The capture files we'll be examining are publicly available at this link, so you can download them and follow along if you wish. The data above is from a packet capture (PCAP) file that was created for educational purposes only. When we refer to the "user" over the course of this lab, we're referring to the individual trying to connect to the network by using DHCP or communicating over the network with HTTP.

Before intercepting traffic, let's gain a bit of insight about what DHCP is and what we'll be looking for in these packets.

DHCP is an application layer protocol. Its main purpose is to automate the configuration of nodes on a TCP/IP network so they can use network services such as DNS, NTP, and the internet. The benefits of DHCP are obvious: this protocol prevents a network admin from having to manually configure each user's machine to give them access to the network.
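As an added illustration (not code from the original tutorial), this Python sketch parses a DHCP message and pulls out the client fields that identify a device: MAC address, hostname (option 12), requested IP (option 50) and vendor class (option 60). The sample request, including the hostname `lab-laptop`, the MAC address and the other values, is constructed for this example and does not come from the tutorial's capture files.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"          # DHCP magic cookie that follows the BOOTP header
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
             5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}

def parse_dhcp(payload: bytes) -> dict:
    """Extract client-identifying fields from a DHCP message (the UDP payload)."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    hlen = min(payload[2], 16)                      # hardware address length
    info = {"client_mac": payload[28:28 + hlen].hex(":")}
    i = 240                                         # options start after the cookie
    while i < len(payload):
        code = payload[i]
        if code == 255:                             # End option
            break
        if code == 0:                               # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        if code == 53 and length == 1:
            info["message_type"] = MSG_TYPES.get(value[0], str(value[0]))
        elif code == 12:
            info["hostname"] = value.decode("ascii", "replace")
        elif code == 50 and length == 4:
            info["requested_ip"] = ".".join(map(str, value))
        elif code == 60:
            info["vendor_class"] = value.decode("ascii", "replace")
        i += 2 + length                             # unknown options are skipped
    return info

def build_sample() -> bytes:
    """Constructed DHCP Request (not taken from the tutorial's capture files)."""
    mac = bytes.fromhex("001122334455")
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 1, 1, 6, 0, 0x1234ABCD, 0, 0,
                      bytes(4), bytes(4), bytes(4), bytes(4), mac, b"", b"")
    opts = (b"\x35\x01\x03" + b"\x32\x04" + bytes([192, 168, 1, 50]) +
            b"\x0c\x0a" + b"lab-laptop" + b"\x3c\x08" + b"MSFT 5.0" +
            b"\x37\x04\x01\x03\x06\x0f" + b"\xff")
    return hdr + MAGIC + opts

if __name__ == "__main__":
    print(parse_dhcp(build_sample()))
```

In Wireshark the same fields appear under the DHCP layer of a Request packet, which makes this a quick way to cross-check what the dissector shows.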
