195
Enable/Disable
the MAC Verify feature. There are two fields
of the DHCP packet containing the MAC address of the Host.
The MAC Verify feature is to compare the two fields and
discard the packet if the two fields are different.
Enable/Disable
the Flow Control feature for the DHCP
packets. The excessive DHCP packets will be discarded.
Enable/Disable the Decline Protect feature.
Displays the LAG to which the port belongs to.
12.2 ARP Inspection
According to the ARP Implementation Procedure stated in 12.1.3 ARP Scanning, it can be
found that ARP protocol can facilitate the Hosts in the same network segment to communicate
with one another or access to external network via Gateway. However, since ARP protocol is
implemented with the premise that all the Hosts and Gateways are trusted, there are high
security risks during ARP Implementation Procedure in the actual complex network. Thus, the
cheating attacks against ARP, such as imitating Gateway, cheating Gateway, cheating terminal
Hosts and ARP Flooding Attack, frequently occur to the network, especially to the large
network such as campus network and so on. The following part will simply introduce these ARP
attacks.
Imitating Gateway
The attacker sends the MAC address of a forged Gateway to Host, and then the Host will
automatically update the ARP table after receiving the ARP response packets, which causes
that the Host cannot access the network normally. The ARP Attack implemented by imitating
Gateway is illustrated in the following figure.
Figure 12-9 ARP Attack - Imitating Gateway
To Next Page
Loading...
