D-Link DES-1210-52 Product Manual - Page 59

Security > ARP Spoofing Prevention, Security > Trusted Host

Get D-Link DES-1210-52 PDF manuals and user guides
UPC - 790069327827
View all D-Link DES-1210-52 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 59 highlights

5 Configuration D-Link Web Smart Switch User Manual Security > Trusted Host Use Trusted Host function to manage the switch from a remote station. You can enter up to ten designated management stations networks by defining the IP address/Subnet Mask as seen in the figure below. Figure 91 Security > Trusted Host To define a management station IP setting, click the Add Host button and type in the IP address and Subnet mask. Click the Apply button to save your settings. You may permit only single or a range of IP addresses by different IP mask setting, the format can be either 192.168.1.1/255.255.255.0 or 192.168.0.1/24. Please see the example below for permitting the IP range IP Address Subnet Mask Permitted IP 192.168.0.1 255.255.255.0 192.168.0.1~192.168.0.255 172.17.5.215 255.0.0.0 172.0.0.1~172.255.255.255 To delete the IP address simply click the Delete button, check the unwanted address, and then click Apply. Security > Safeguard Engine D-Link's Safeguard Engine is a robust and innovative technology that automatically throttles the impact of packet flooding into the switch's CPU. This function helps protect the Web-Smart Switch from being interrupted by malicious viruses or worm attacks. This option is enabled by default. Figure 92 - Security > Safeguard Engine Security > ARP Spoofing Prevention ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network by allowing an attacker to sniff data frames on a LAN, modifying the traffic, or stopping the traffic (known as a Denial of Service - DoS attack). The main idea of ARP spoofing is to send fake or spoofed ARP messages to an Ethernet network. It associates the attacker's or random MAC address with the IP address of another node such as the default gateway. Any traffic meant for that IP address would be mistakenly re-directed to the node specified by the attacker. A common DoS attack today can be done by associating a nonexistent or specified MAC address to the IP address of the network's default gateway. The malicious attacker only needs to broadcast one gratuitous 53

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
5
Configuration
D-Link Web Smart Switch User Manual
Security > Trusted Host
Use Trusted Host function to manage the switch from a remote station. You can enter up to ten designated
management stations networks by defining the IP address/Subnet Mask as seen in the figure below.
Figure 91 Security > Trusted Host
To define a management station IP setting, click the
Add Host
button and type in the IP address and Subnet
mask. Click the
Apply
button to save your settings. You may permit only single or a range of IP addresses
by different IP mask setting, the format can be either 192.168.1.1/255.255.255.0 or 192.168.0.1/24. Please
see the example below for permitting the IP range
IP Address
Subnet Mask
Permitted IP
192.168.0.1
255.255.255.0
192.168.0.1~192.168.0.255
172.17.5.215
255.0.0.0
172.0.0.1~172.255.255.255
To delete the IP address simply click the
Delete
button, check the unwanted address, and then click
Apply
.
Security > Safeguard Engine
D-Link’s
Safeguard Engine
is a robust and innovative technology that automatically throttles the impact of
packet flooding into the switch's CPU. This function helps protect the Web-Smart Switch from being
interrupted by malicious viruses or worm attacks. This option is enabled by default.
Figure 92 – Security > Safeguard Engine
Security > ARP Spoofing Prevention
ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network by allowing an
attacker to sniff data frames on a LAN, modifying the traffic, or stopping the traffic (known as a Denial of
Service – DoS attack). The main idea of ARP spoofing is to send fake or spoofed ARP messages to an
Ethernet network. It associates the attacker's or random MAC address with the IP address of another node
such as the default gateway. Any traffic meant for that IP address would be mistakenly re-directed to the
node specified by the attacker.
A common DoS attack today can be done by associating a nonexistent or specified MAC address to the IP
address of the network’s default gateway. The malicious attacker only needs to broadcast one gratuitous
53