The dhcp_probe tool can be used to passively detect rogue DHCP servers on IPv4 networks. Upon detection, the service can execute custom commands to, for example, block the culprit via RADIUS or notify the system administrator.
debops.dhcp_probe role can be used to install and configure
dhcp_probe on a Debian/Ubuntu host. It will utilize
systemd instance templates to run DHCP Probe instances on multiple
network interfaces at once. By default, an e-mail message will be sent to the
system administrator with notification on newly detected rogue DHCP servers.
debops.dhcp_probe - Configure DHCP Probe using Ansible Copyright (C) 2014-2018 Maciej Delmanowski <firstname.lastname@example.org> Copyright (C) 2014-2018 DebOps <https://debops.org/> SPDX-License-Identifier: GPL-3.0-only This Ansible role is part of DebOps. DebOps is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 3, as published by the Free Software Foundation. DebOps is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with DebOps. If not, see https://www.gnu.org/licenses/.