Configuring Firewall Configuration Examples
Configuration Guide
3 Configuration Examples
3.1 Example for Anti ARP Spoofing
3.1.1 Network Requirements
In the diagram below, several hosts are connected to the network via a layer 2 switch, and the
router is the gateway of this network. Because an attacker may launch a series of ARP attacks,
the router must be configured to protect itself and the terminal hosts from these attacks.
Figure 3-1 Network Topology
[Figure: labeled nodes are Internet, Gateway (WAN port; LAN port 192.168.0.1), Layer 2 Switch, Host A, Host B, Host C and Attacker.]
Host A: 192.168.0.10, 00-19-56-8A-4C-71
Host B: 192.168.0.20, 00-19-56-82-3B-70
Host C: 192.168.0.30, 00-19-56-8D-22-75
3.1.2 Configuration Scheme
The attacker can launch three types of ARP attacks: cheating gateway, imitating gateway,
and cheating terminal hosts. The following sections describe the three ARP attacks and the
corresponding solutions.
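As an added illustration (not part of the original guide), the following Python script compares ARP entries observed on the LAN with the host IP/MAC pairs listed in Figure 3-1 and reports conflicts. The sample ARP lines, the address 02:00:00:00:00:99 and all function names are constructed for this example.

```python
import re

# Host IP/MAC pairs from Figure 3-1 of the guide.
BINDINGS = {
    "192.168.0.10": "00-19-56-8A-4C-71",  # Host A
    "192.168.0.20": "00-19-56-82-3B-70",  # Host B
    "192.168.0.30": "00-19-56-8D-22-75",  # Host C
}

# Constructed ARP observations; 02:00:00:00:00:99 is a made-up address.
SAMPLE = """\
192.168.0.10 at 00:19:56:8a:4c:71
192.168.0.20 at 00-19-56-82-3B-70
192.168.0.30 at 02:00:00:00:00:99
192.168.0.1 at 02:00:00:00:00:99
"""

ENTRY = re.compile(
    r"(\d{1,3}(?:\.\d{1,3}){3}).*?((?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2})")

def norm_mac(mac):
    """Return a MAC as upper-case AA-BB-CC-DD-EE-FF, whatever the separators."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).upper()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return "-".join(digits[i:i + 2] for i in range(0, 12, 2))

def parse(text):
    """Extract (ip, mac) pairs from lines that contain both."""
    return [(m.group(1), norm_mac(m.group(2)))
            for m in map(ENTRY.search, text.splitlines()) if m]

def audit(entries, bindings=BINDINGS):
    """Report entries that contradict a binding, and MACs claiming several IPs."""
    bound = {ip: norm_mac(mac) for ip, mac in bindings.items()}
    findings, claimed = [], {}
    for ip, mac in entries:
        claimed.setdefault(mac, set()).add(ip)
        if ip in bound and bound[ip] != mac:
            findings.append(("binding-mismatch", ip, mac))
    for mac, ips in claimed.items():
        if len(ips) > 1:
            findings.append(("mac-claims-multiple-ips", ",".join(sorted(ips)), mac))
    return findings

if __name__ == "__main__":
    for finding in audit(parse(SAMPLE)):
        print(*finding)
```

A MAC that answers for several IP addresses is not always hostile (proxy ARP does this legitimately), so treat that finding as a lead to verify.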
Cheating Gateway
The cheating gateway attack is aimed at the router.