Final answer:
A Man-in-the-middle (MitM) device is what an attacker would use to make network clients use an illegitimate default gateway. This device intercepts and possibly alters communication between parties, displacing the legitimate gateway.
Step-by-step explanation:
A device that an attacker would use to make network clients use an illegitimate default gateway is known as a Man-in-the-middle (MitM) device. Such an attack typically involves the attacker secretly relaying and possibly altering the communication between two parties who believe they are directly communicating with each other. In the context of networking, an attacker could configure a MitM device to present itself as the default gateway, thereby intercepting all traffic that is meant to go through the legitimate gateway.
The other devices listed – firewall, router, and DNS server – are legitimate networking components that could be compromised to perform malicious actions, but they are not inherently designed to redirect clients to an illegitimate gateway as a MitM device is.