HP 6120XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 277
DHCP Snooping, Overview
View all HP 6120XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 277 highlights
Configuring Advanced Threat Protection DHCP Snooping • Attempts to exhaust system resources so that sufficient resources are not available to transmit legitimate traffic, indicated by an unusually high use of specific system resources • Attempts to attack the switch's CPU and introduce delay in system response time to new network events • Attempts by hackers to access the switch, indicated by an excessive number of failed logins or port authentication failures • Attempts to deny switch service by filling the forwarding table, indicated by an increased number of learned MAC addresses or a high number of MAC address moves from one port to another • Attempts to exhaust available CPU resources, indicated by an increased number of learned MAC address events being discarded DHCP Snooping Command dhcp-snooping authorized-server database option trust verify vlan show dhcp-snooping show dhcp-snooping stats dhcp-snooping binding debug dhcp-snooping Page page 8-5 page 8-9 page 8-12 page 8-9 page 8-8 page 8-11 page 8-7 page 8-6 page 8-6 page 8-13 page 8-13 Overview You can use DHCP snooping to help avoid the Denial of Service attacks that result from unauthorized users adding a DHCP server to the network that then provides invalid configuration data to other DHCP clients on the network. 8-4