sudo ifconfig ethX promisc
tshark -i ethX -n port 68 -R 'bootp.type == 2'
Thanks to http://blog.siufatfat.net/2013/08/25/locating-rogue-dhcp-on-linux/
sudo ifconfig ethX promisc
tshark -i ethX -n port 68 -R 'bootp.type == 2'
Thanks to http://blog.siufatfat.net/2013/08/25/locating-rogue-dhcp-on-linux/
sudo tcpdump -i eth0 port 67 or port 68 -nev and “ether host <<MAC ADDRESS>>”
ether host <mac address>
verbose:
-vv
packet size for full details:
-s 1500
prevent name resolution:
-n