Professional Documents
Culture Documents
For
DHCP Server
Table of Contents
1. Introduction..............................................................................................................................3
1.1 Purpose.................................................................................................................................3
1.2 Product Scope...................................................................................................................... 4
1.3 References............................................................................................................................5
2. Overall Description..................................................................................................................6
2.1 Product Perspective..............................................................................................................6
2.2 Product Functions................................................................................................................ 7
2.3 User Classes and Characteristics......................................................................................... 7
2.4 Operating Environment........................................................................................................7
2.5 Design and Implementation Constraints..............................................................................7
2.6 User Documentation............................................................................................................ 8
2.7 Assumptions and Dependencies........................................................................................ ..9
3. External Interface Requirements......................................................................................... 10
3.1 User Interfaces................................................................................................................... 10
3.2 Hardware Interfaces........................................................................................................... 10
3.3 Software Interfaces............................................................................................................ 10
3.4 Communications Interfaces............................................................................................... 10
4. System Features..................................................................................................................... 11
4.1 System Feature 1................................................................................................................11
4.2 System Feature 2 (and so on).............................................................................................11
5. Other Nonfunctional Requirements.....................................................................................12
5.1 Performance Requirements................................................................................................12
5.2 Safety Requirements.......................................................................................................... 12
5.3 Security Requirements....................................................................................................... 13
5.4 Software Quality Attributes............................................................................................... 13
5.5 Business Rules................................................................................................................... 13
6. Other Requirements.............................................................................................................. 14
1
Software Requirements Specification for DHCP Server
Appendix A: Glossary..................................................................................................................15
Appendix B: Analysis Models..................................................................................................... 17
Appendix C: To Be Determined List..........................................................................................19
7. Server…………………………………………………………………………………………22
7.1IPv4server………………………………………….…………………..............22
7.2IPv4scope ……………………………………………………………………23
7.3IPv6server ……………………………………………………………………………..…23
8 DHCPScope ………………………………………………………………………………….24
2
Software Requirements Specification for DHCP Server
1. Introduction
1.1 Purpose :-
DHCP is the abbreviation of "Dynamic Host Configuration Protocol". DHCP is a protocol which
allows the server to allocate an IP Address to every client or computer on the network automatically.
This means that whenever a computer joins a DHCP server, it will automatically be given an IP
address. There is a lot more information which a DHCP server can provide to the client depending
on the requirement of the situation.
Nowadays, most of the devices are configured in a way that they automatically search for a DHCP
server and asks it to allocate an IP address to it automatically. In this section we will be discussing
the main purposes of DHCP as well as some technical properties associated with it. It is important
to know that this process makes use of a coherent process to ensure that there is no overlapping of
IP Addresses and the network runs smoothly. The main properties which we will be dealing with
include Static IP Addressing, Dynamic IP Addressing, Reservations, Scopes, Leases and Options. It
is interesting to know how most of the components of DHCP function collaboratively to make the
system flawless.
3
Software Requirements Specification for DHCP Server
Have you ever wondered that how do DHCP servers determine which IP Addresses are supposed to
be allocated to the clients? Is the process completely random or are there still any limitations? Well,
considering the complexity of various networks and the existence of colossal number of devices all
over the world, the IP Addresses have to be managed in an effective way. This is the reason why the
process of allocation of IP Addresses is not a totally random process. There are ranges of IP
Addresses which are allocated to different organizations. It is the strict responsibility of this
organization to make sure that it allocates its clients with IP Addresses from this range. For your
ease, this range is given a special name, known as Scope. The scope of an organization limits the
number of IP Addresses which it can provide the clients with. This not only eliminates a lot of
problems, it provides a great benefit to manage and operate the whole system in an effective and
efficient manner.
The size of the Scopes depends on the size of the networks for which they are assigned. For a large
network, the scope will be large while for a small network the scope will also be less. The basic
purpose behind the allocation of these scopes is to make sure that there is not overlapping of IP
Addresses and every device is strictly allocated with a different IP Address. The problems which
might occur without the existence of scopes are colossal, as in that case the IP Addresses will be
4
Software Requirements Specification for DHCP Server
duplicated and the data will not be able to find the correct path to its destination. The process of
DHCP is quite useful for us, and we should us it effectively to make sure we do not encounter any
issue. The process of configuration of scopes on DHCP servers is a complex task, which you will
get to know at a later stage.
1.3 References
Alata E. & Nicomette V. & Kaâniche M. & Dacier M. & Herrb M.,2006.Lessons
learned from the deployment of a high-interaction in Networking , EDCC'06.
5
Software Requirements Specification for DHCP Server
2. Overall Description
DHCP server automatically assigns IP addresses to the computers and other devices on each
local area network (LAN). In this section you can view a list of assigned IP addresses and
reserve IP addresses for particular devices. Production DHCP Services are used to protect the
company from attacks and provide ip address, they are implemented inside the production
network to improve the overall security. They are capturing a limited amount of information,
mostly low interaction DHCP server are used. Thus, security administrator watches the
hacker’s movements carefully and tries to lower the risks that may come from it towards the
company. At this point, we will try to discuss and find out the risks of using production
honeypots. Because while testing the security of the systems existing in an organization,
unexpected actions may happen such as misusing other systems using honeypot features. If the
network administrator is not aware of this problem, they put organization in a big trouble.
Active Leases : - A list of devices that have been provided DHCP leases. The DHCP server
automatically assigns these leases. This list will not include any devices that have static IP
addresses on the network. Select a device and click reserve to add the device and its IP address to
the list of Reservations .roduction honeypots are placed inside a production network with other
production servers in the role of a decoy as part of a network intrusion detection system (IDS). They
are designed to appear real and contain information or a resource of value with which to attract
and occupy hackers.
6
Software Requirements Specification for DHCP Server
2.3
User Classes and Characteristics
-Client: They can use the service of honeypot and able to enable on any port of system.-
Administrator: They are the core users and are able to make fool to attacker while attacking on
system. They can also get the overall report of the user sessions.
-Job seeker: They will be in a position to permit access to the users in the Internet and
acknowledge their account status.
Decoy Server is an advanced DHCP server doesn't emulate services; instead, it creates multiple
instances of real operating systems. Attackers then interact with these real operating systems and
applications. This information is fed into a central system, where it's combined with data from
ManHunt.
-client/server
7
Software Requirements Specification for DHCP Server
–OS:
–Platform:PHP/Apache Server
The product is under development stage and requires a complete implemented prototype to explain
the user documentation. Once the prototype is designed and implemented online manuals, user
manuals can be provided.
8
Software Requirements Specification for DHCP Server
-System, Ubantu.
--A browser which supports HTML php.
-Operating system: We have chosen Ubantu operating system for its best support and
user-friendliness.
-php: To implement the project we have chosen php language for its more interactive
support.
- web browser -
network server communications protocol
9
Software Requirements Specification for DHCP Server
4. System Features
4.1 Authentication
The system offers access to Internet at client level and access to server resources at server
level only by validating the user with the unique username and password.
All system should have the client for program running. The server should identify
individual systems by their name. The system must interface with SSH, HTTP, and HTTPS
protocols.
Input : User enable honeypot
Output : Attacker xss script, Activity of attacker
10
Software Requirements Specification for DHCP Server
-The system is able to track activities of attacker. The solution must also feature functionality for
efficient retrieval of attackers data. -
Application has capability of use of unused IP.
The data handled in this system is very vital. The server should always be confirmed to run properly
and the data are saved to the database at consecutive intervals. Power is a significant feature and the
power supply should be always taken care of. An Uninterrupted Power Supply is always
recommended.
The security system features from having a login for all the users to access the software. So the
chances of the software getting intruded are very less.
5.4.1 Reliability
-Application shall support the re-validation of performance capabilities whenever an
element(s) upgrade / enhancement is made, which may cause a change in performance.
5.4.2 Availability
11
Software Requirements Specification for DHCP Server
5.4.3 Maintainability
-The system shall have ability to customize user menus and screens based on user access
authority.
-Application shall be designed to permit the easy insertion of new modules and new
enhancements.
-Illegal duplication of reports should be strictly dealt with. The administrator should have full
details of the user while the user is getting registered to the system.
12
Software Requirements Specification for DHCP Server
6. Other Requirements
13
Software Requirements Specification for DHCP Server
14
Software Requirements Specification for DHCP Server
The basic purposes of activity diagrams is similar to other four diagrams. It captures the dynamic
behavior of the system. Other four diagrams are used to show the message flow from one object to
another but activity diagram is used to show message flow from one activity to another.
15
Software Requirements Specification for DHCP Server
16
Software Requirements Specification for DHCP Server
17
Software Requirements Specification for DHCP Server
18
Software Requirements Specification for DHCP Server
Sequence diagrams are a popular dynamic modeling solution in UML because they specifically
focus on lifelines, or the processes and objects that live simultaneously, and the messages
exchanged between them to perform a function before the lifeline ends.
6.6
19
Software Requirements Specification for DHCP Server
A Static IP address is a dedicated IP address that has been assigned to you. This is an IP address that
is used by you every time you log in to network and need an IP address.
DHCP or Dynamic is an IP address that will automatically be chosen for you from a pool of IP
addresses that are assigned in the DHCP scope available on your network. Think Static as
permanent and DHCP as temporary. Traditional honeypot technology is server based and not able to
detect client-side attacks.
A low interaction honeypot like Honeyd, or a high interaction honeynet system with the Roo
Honeywall, acts as a server.
The main differences between a client-side honeypot and traditional honeypot are:-
* client-side: it simulates/drives client-side software and does not expose server based services to be
attacked.
* active: it cannot lure attacks to itself, but rather it must actively interact with remote servers to be
attacked.
* identify: whereas all accesses to the traditional honeypot are malicious, the client-side honeypot
must discern which server is malicious and which is benign.
20
Software Requirements Specification for DHCP Server
7. SERVER
The Dynamic Host Configuration Protocol version 4 (DHCPv4) allows for the automatic
configuration of client systems on an Internet Protocol version 4 (IPv4) network. Windows
Server 2008 and above also provides the ability to provide IPv6 addresses through DHCP.
A Dynamic Host Configuration Protocol (DHCP) server provides the dynamic distribution
of IP addressing and configuration information to clients. Normally the DHCP server
provides the client with at least this basic information of IP Address, Subnet Mask and
Default Gateway.Other information can be provided including Domain Name Service (DNS)
server addresses, DNS search suffixes and Windows Internet Name Service (WINS) server
addresses.
A DHCP scope is the consecutive range of IP addresses that the DHCP server can provide
(lease) to clients on a subnet. Scopes typically define a single physical subnet on your
network to which DHCP services are offered.
DHCP scope options are options configured at the scope level and are automatically
inherited by reservations. When these options are specifically configured at the reservation
level they override the setting configured at the scope and server level. Options configured
here override options configured at the server level.
21
Software Requirements Specification for DHCP Server
The Dynamic Host Configuration Protocol version 6 (DHCPv6) provides IPv6 hosts with
IP addresses, IP prefixes and/or other configuration required to operate on an IPv6
network.Windows Server 2008 and above provides DHCPv6 support.
DHCP server options are options configured at the server level and are automatically
inherited by scopes and reservations. When these options are specifically configured at the
scope or reservation level they override the setting configured at the server level.
22
Software Requirements Specification for DHCP Server
8. DHCP scopes : -
A scope can be defined as a set of IP addresses which the DHCP server can allocate or assign to
DHCP clients. A scope contains specific configuration information for clients that have IP
addresses which are within the particular scope. Scope information for each DHCP server is specific
to that particular DHCP server only, and is not shared between DHCP servers. Scopes for DHCP
servers are configured by administrators. A DHCP has to have at least one scope, which includes
the following properties. The specified range of IP addresses which are going to be leased to
DHCP clients.
The subnet mask. The DHCP scope options (DNS IP addresses, WINS IP addresses). The lease
duration. The default of 8 days is suitable for small networks. Any reservations. Reservations
include elements such as a client always receiving the same IP addresses and TCP/IP
configuration information when it starts. Therefore, when you start designing your DHCP
strategy, and you are defining the scopes for your DHCP servers, you should clarify the
following. The start and end addresses which would define the range of addresses you want to
utilize. The subnet mask of the particular subnet.
The amount of time that the lease should be for the IP addresses leased from your scopes. All
other TCP/IP configuration information which you want assigned to DHCP clients. Determine
those IP addresses that you want to reserve for clients. Determine whether any clients using
statically assigned IP addresses need to be excluded from the address pool.If you have multiple
scopes, remember that clients can only obtain IP addresses from the subnet to which they belong.
Clients cannot obtain IP addresses from scopes that are connected with different subnets.
However, if your clients should be able to obtain IP addresses from other scopes, you can configure
a super scope. A super scope is the grouping of scopes under one administrative entity that enables
clients to obtain IP addresses, and renew IP addresses from any scope that is part of the super
scope. Super scopes are typically created for under the following circumstances: The existing
scope. s IP addresses supply is being depleted. You want to use two DHCP servers on the same
23
Software Requirements Specification for DHCP Server
subnet. This is usually for providing redundancy. You need to move clients from one
range of IP addresses to a different range of IP addresses.
contacts the DDNS server to register its IP addresses because the Windows Server 2003 DHCP
service dynamically updates the DNS records on behalf the client. With Windows Server 2003
DHCP, three options are available for registering IP addresses in DNS. The options can be
configured for the DHCP server, or for each individual scope. The options which can be specified to
enable/disable the DHCP service to dynamically update DNS records on behalf of the client
are: The DHCP server can be configured to not register any IP address of the DHCP clients when
it assigns IP addresses to these clients. The DHCP server can be configured to at all times register
all IP address of clients when they receive IP addresses from the DHCP server. The default option
results in the DHCP server registering the IP addresses of clients with the authoritative DNS server,
based on the client. s request for an IP address.
24
Software Requirements Specification for DHCP Server
information being entered at one location, and the server distributing this information to
clients. Duplicated IP addresses are prevented. IP addresses are also preserved. DHCP
servers only allocate IP addresses to clients when they request them. The DHCP service
can assign IP addresses to both individual hosts, and multi cast groups. Multicast groups are
used when communication occurs with server clusters. DHCP service supports clustering.
This enables you to set up high availability DHCP servers. In Windows Server, DHCP
integrates with Dynamic DNS (DDNS). This facilitates dynamic IP address management
because the DHCP server registers the client computer. s Address (A) records and pointer
(PTR) records in the DNS database when the client obtains an IP address. This is made
possible through DHCP integration with Dynamic DNS(DDNS). You can monitor the
pool of available IP addresses, and also be notified when the IP address pool reaches a
certain threshold. Through authorizing DHCP servers in Active Directory, you can restrict
your DHCP servers to only those that are authorized. Active Directory also allows you to
specify those clients that the DHCP server can allocate addresses to. Dynamic IP
addressing through DHCP easily scales from small to large networking environments.
25
Software Requirements Specification for DHCP Server
encryption in wireless networks. Disable broadcasting the Service Set Identifier (SSID) in
wireless networks.
A DHCP server can provide configuration settings using the following methods :-
This method entails using DHCP to identify the unique hardware address of each network
card connected to the network and then continually supplying a constant configuration each
time the DHCP client makes a request to the DHCP server using that network device. This
ensures that a particular address is assigned automatically to that network card, based on it's
MAC address.
In this method, the DHCP server will assign an IP address from a pool of addresses
(sometimes also called a range or scope) for a period of time or lease, that is configured on the
server or until the client informs the server that it doesn't need the address anymore. This way,
the clients will be receiving their configuration properties dynamically and on a "first come,
first served" basis. When a DHCP client is no longer on the network for a specified period, the
configuration is expired and released back to the address pool for use by other DHCP Clients.
This way, an address can be leased or used for a period of time. After this period, the client
has to renegociate the lease with the server to maintain use of the address.
Automatic allocation :-
26
Software Requirements Specification for DHCP Server
Using this method, the DHCP automatically assigns an IP address permanently to a device,
selecting it from a pool of available addresses. Usually DHCP is used to assign a temporary
address to a client, but a DHCP server can allow an infinite lease time.
The last two methods can be considered "automatic" because in each case the DHCP server assigns
an address with no extra intervention needed. The only difference between them is in how long the
IP address is leased, in other words whether a client's address varies over time. The DHCP server
Ubuntu makes available is dhcpd (dynamic host configuration protocol daemon), which is easy to
install and configure and will be automatically started at system boot.
DHCP states & procedure With DHCP, transition of client occurs using 6 states :
initialization, selection, request, bound, renew and rebind DHCP uses the first 4 states to
initialize IP address And 4 states are used to rebind, renew or release an IP address.
The six states are used to perform essentially 3 processes : discovery, renewal, and release
which are described below.. DHCP Address Discovery Process : When client boots ,it
executes a standard address discovery process Once IP address acquired, it tests the
address by sending ARP broadcast. DHCP uses 4-step processes to allocate IP addresses :
Discovery, Offer, Request, Acknowledgment processes.
27
Software Requirements Specification for DHCP Server
i) Initialization State to Selection State : When the client is booting up, it is the first
stage. Here it sends DHCP Discover message that places the client in Selection
state.
ii) Selection State to Request State : One or more servers respond to broadcast message with
a DHCP Offer message. Client chooses the best offer and negotiate by sending DHCP
REQUEST message
iii) Request State to Bound State : The server responds to the request message with a
positive acknowledgement (DHCP ACK) which begins the lease time and puts the client in
the bound state
DHCP states & procedure Client enters Client boots up the initialization Client state
broadcasts DHCP discover message For more Client enters servers the selection broadcast
state DHCP offers Client sends DHCP request to selected Client enters server the request
state Selected server sends DHCP Ack Client enters the bound state
When client’s lease nears its expiration time the client must initiate the address
renewal process to maintain the acquired IP address. Here, four states are used to
renew or release an IP address which are discussed below :
i) Bound State to Renew State : After the client’s first timer reaches 50% of its initial
value, it broadcasts a DHCP Request message for a lease renewal and moves to the
renew state.
28
Software Requirements Specification for DHCP Server
ii) Renew State to Bound State : If the server approves the lease renewal, the client
moves from renew state back to the bound state and continue using its original IP
address.
iii) Renew State to Initialization state : If the server disapproves the lease renewal,
the client moves from renew state to initialization state and begin the process of
acquiring new IP address.
iv) Renew State to Rebind State : If the client doesnt receive a response from the
server within the first 87.5% of the lease time, it moves to the rebind state and
broadcast a DHCP request msg
v) Rebind State to Initialization State : If the client receives a negative response from
a server while in the rebind state, the client moves to the initialization state and
begins the process of acquiring new IP address Initialization state DHCP NAK
DHCP NAK or Lease Expires DHCP Request or Lease reaches 87.5% of expiration
Rebind state Renew state DHCP Ack DHCP Ack DHCP Request or Lease Bound
state reaches 50% of DHCP expiration Release.
DHCP Address Release Process : When client is in the bound state and determines it
no longer needs an IP address, DHCP allows the client to release its IP address
without waiting for lease time to expire This is known as early termination It is
useful when there are limited no. of IP addresses available When the client sends a
DHCP release message, it leaves the bound state and returns to the initialization
state So, now the client can request another IP address when it needs one.
29
Software Requirements Specification for DHCP Server
30