====== Detect rogue DHCP servers ======
If your clients experience network access problems due to incorrectly leased IP addresses & incorrect options, you probably have a rogue DHCP server on the network. Rogue DHCP servers are those DHCP servers that are misconfigured, unauthorized unknowingly or those that are configured with a malicious intent for network attacks.

Rogue detection tool is a GUI tool that checks if there are any rogue DHCP servers in the local subnet.

Following are the features with this tool:

  - The tool can be run one time or can be scheduled to run at specified interval.
  - Can be run on a specified interface by selecting one of the discovered interfaces.
  - Retrieves all the authorized DHCP servers in the forest and displays them.
  - Ability to validate (not Authorize in AD) a DHCP server which is not rogue and persist this information
  - Minimize the tool, which makes it invisible. A tray icon will be present which would display the status.
  - When you start the program, it queries the AD and lists all authorized DHCP servers.

Read the article source [[http://blogs.technet.com/b/teamdhcp/archive/2009/07/03/rogue-dhcp-server-detection.aspx|here]].
Download the program [[http://blogs.technet.com/cfs-file.ashx/__key/communityserver-components-postattachments/00-03-26-09-62/RogueChecker.zip|here]].