DHCP Starvation Attack

DHCP starvation attacks can be effectively mitigated by using port security because Gobbler uses a unique source MAC address for each DHCP request sent

However, mitigating DHCP spoofing attacks requires more protection

Gobbler could be configured to use the actual interface MAC address as the source Ethernet address, but specify a different Ethernet address in the DHCP payload

This would render port security ineffective because the source MAC address would be legitimate

https://securiteam.com/tools/5up072k9fu/