Further reading
To learn more on the subject:
- DHCP snooping and trust configuration:
https://isc.sans.edu/forums/diary/Layer+2+Network+Protections+against+Man+in+the+Middle+Attacks/7567/
- WPAD attacks:
https://nakedsecurity.sophos.com/2016/05/25/when-domain-names-attack-the-wpad-name-collision-vulnerability/
https://us-cert.cisa.gov/ncas/alerts/TA16-144A
https://blogs.msdn.microsoft.com/ieinternals/2012/06/05/the-intranet-zone/
- DHCP and DHCP option RFCs; also, the IANA reference on DHCP options:
Dynamic Host Configuration Protocol: https://tools.ietf.org/html/rfc2131
DHCP Options and Bootstrap Protocol (BOOTP) Vendor Extensions: https://tools.ietf.org/html/rfc2132
Vendor-Identifying Vendor Options for Dynamic Host Configuration Protocol version 4 (DHCPv4): https://tools.ietf.org/html/rfc3925
DHCP and BOOTP Parameters: https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml