Home » TP-Link Manuals » Hubs & Switches » TP-Link T1500G-8T » Manual Viewer

TP-Link T1500G-8T T1500G-10PSUN V1 User Guide - Page 170

Cheating Gateway, Cheating Terminal Hosts

Add to My Manuals
Save this manual to your list of manuals

Page 170 highlights

As the above figure shown, the attacker sends the fake ARP packets with a forged Gateway address to the normal Host, and then the Host will automatically update the ARP table after receiving the ARP packets. When the Host tries to communicate with Gateway, the Host will encapsulate this false destination MAC address for packets, which results in a breakdown of the normal communication.  Cheating Gateway The attacker sends the wrong IP address-to-MAC address mapping entries of Hosts to the Gateway, which causes that the Gateway cannot communicate with the legal terminal Hosts normally. The ARP Attack implemented by cheating Gateway is illustrated in the following figure. Figure 12-12 ARP Attack - Cheating Gateway As the above figure shown, the attacker sends the fake ARP packets of Host A to the Gateway, and then the Gateway will automatically update its ARP table after receiving the ARP packets. When the Gateway tries to communicate with Host A in LAN, it will encapsulate this false destination MAC address for packets, which results in a breakdown of the normal communication.  Cheating Terminal Hosts The attacker sends the false IP address-to-MAC address mapping entries of terminal Host/Server to another terminal Host, which causes that the two terminal Hosts in the same network segment cannot communicate with each other normally. The ARP Attack implemented by cheating terminal Hosts is illustrated in the following figure. 160

Section	Page
Package Contents	11
Chapter 1 About this Guide	12
1.1 Intended Readers	12
1.2 Conventions	12
1.3 Overview of This Guide	12
Chapter 2 Introduction	17
2.1 Overview of the Switch	17
2.2 Appearance Description	17
2.2.1 Front Panel	17
2.2.2 Rear Panel	21
Chapter 3 Login to the Switch	24
3.1 Login	24
3.2 Configuration	24
Chapter 4 System	26
4.1 System Info	26
4.1.1 System Summary	26
4.1.2 Device Description	27
4.1.3 System Time	28
4.1.4 Daylight Saving Time	29
4.1.5 System IP	30
4.2 User Management	32
4.2.1 User Table	32
4.2.2 User Config	32
4.3 System Tools	34
4.3.1 Boot Config	34
4.3.2 Config Restore	34
4.3.3 Config Backup	35
4.3.4 Firmware Upgrade	36
4.3.5 System Reboot	36
4.3.6 System Reset	37
4.4 Access Security	37
4.4.1 Access Control	37
4.4.2 HTTP Config	38
4.4.3 HTTPS Config	39
4.4.4 SSH Config	43
4.4.5 Telnet Config	49
Chapter 5 Switching	50
5.1 Port	50
5.1.1 Port Config	50
5.1.2 Port Mirror	51
5.1.3 Port Security	53
5.1.4 Port Isolation	55
5.1.5 Loopback Detection	56
5.2 LAG	58
5.2.1 LAG Table	58
5.2.2 Static LAG	60
5.2.3 LACP Config	61
5.3 Traffic Monitor	62
5.3.1 Traffic Summary	62
5.3.2 Traffic Statistics	63
5.4 MAC Address	65
5.4.1 Address Table	66
5.4.2 Static Address	68
5.4.3 Dynamic Address	69
5.4.4 Filtering Address	71
Chapter 6 VLAN	73
6.1 802.1Q VLAN	74
6.1.1 VLAN Config	75
6.1.2 Port Config	77
6.2 Application Example for 802.1Q VLAN	78
Chapter 7 Spanning Tree	80
7.1 STP Config	85
7.1.1 STP Config	85
7.1.2 STP Summary	87
7.2 Port Config	88
7.3 MSTP Instance	90
7.3.1 Region Config	90
7.3.2 Instance Config	91
7.3.3 Instance Port Config	92
7.4 STP Security	93
7.4.1 Port Protect	93
7.5 Application Example for STP Function	96
Chapter 8 Multicast	101
8.1 IGMP Snooping	103
8.1.1 Snooping Config	105
8.1.2 Port Config	107
8.1.3 VLAN Config	108
8.1.4 Multicast VLAN	109
8.1.5 Querier Config	113
8.1.6 Profile Config	114
8.1.7 Profile Binding	116
8.1.8 Packet Statistics	117
8.2 Multicast Table	118
8.2.1 IPv4 Multicast Table	119
8.2.2 Static IPv4 Multicast Table	119
Chapter 9 QoS	122
9.1 DiffServ	125
9.1.1 Port Priority	125
9.1.2 Schedule Mode	126
9.1.3 802.1P Priority	127
9.1.4 DSCP Priority	128
9.2 Bandwidth Control	129
9.2.1 Rate Limit	129
9.2.2 Storm Control	130
9.3 Voice VLAN	131
9.3.1 Global Config	134
9.3.2 Port Config	134
9.3.3 OUI Config	136
Chapter 10 PoE	138
10.1 PoE Config	139
10.1.1 PoE Config	139
10.1.2 PoE Profile	140
10.2 Time-Range	141
10.2.1 Time-Range Summary	141
10.2.2 Time-Range Create	142
10.2.3 Holiday Config	144
Chapter 11 ACL	145
11.1 ACL Config	145
11.1.1 ACL Summary	145
11.1.2 ACL Create	145
11.1.3 MAC ACL	146
11.1.4 Standard-IP ACL	147
11.1.5 Extend-IP ACL	147
11.2 Policy Config	148
11.2.1 Policy Summary	149
11.2.2 Policy Create	149
11.2.3 Action Create	149
11.3 ACL Binding	150
11.3.1 Binding Table	150
11.3.2 Port Binding	151
11.3.3 VLAN Binding	152
11.4 Policy Binding	153
11.4.1 Binding Table	153
11.4.2 Port Binding	154
11.4.3 VLAN Binding	155
11.5 Application Example for ACL	156
Chapter 12 Network Security	158
12.1 IP-MAC Binding	158
12.1.1 Binding Table	158
12.1.2 Manual Binding	160
12.1.3 ARP Scanning	161
12.2 DHCP Snooping	163
12.2.1 Global Config	166
12.2.2 Port Config	167
12.2.3 Option 82 Config	168
12.3 ARP Inspection	169
12.3.1 ARP Detect	172
12.3.2 ARP Defend	174
12.3.3 ARP Statistics	175
12.4 DoS Defend	175
12.4.1 DoS Defend	177
12.5 802.1X	178
12.5.1 Global Config	182
12.5.2 Port Config	184
12.6 AAA	186
12.6.1 Global Config	187
12.6.2 Privilege Elevation	187
12.6.3 RADIUS Server Config	187
12.6.4 TACACS+ Server Config	188
12.6.5 Authentication Server Group Config	189
12.6.6 Authentication Method List Config	191
12.6.7 Application Authentication List Config	192
12.6.8 802.1X Authentication Server Config	193
12.6.9 Default Settings	193
Chapter 13 SNMP	195
13.1 SNMP Config	197
13.1.1 Global Config	197
13.1.2 SNMP View	198
13.1.3 SNMP Group	199
13.1.4 SNMP User	201
13.1.5 SNMP Community	202
13.2 Notification	205
13.3 RMON	206
13.3.1 Statistics	207
13.3.2 History	208
13.3.3 Event	209
13.3.4 Alarm	210
Chapter 14 LLDP	212
14.1 Basic Config	217
14.1.1 Global Config	217
14.1.2 Port Config	218
14.2 Device Info	219
14.2.1 Local Info	219
14.2.2 Neighbor Info	221
14.3 Device Statistics	222
14.4 LLDP-MED	223
14.4.1 Global Config	224
14.4.2 Port Config	225
14.4.3 Local Info	226
14.4.4 Neighbor Info	227
Chapter 15 Maintenance	229
15.1 System Monitor	229
15.1.1 CPU Monitor	229
15.1.2 Memory Monitor	230
15.2 Log	231
15.2.1 Log Table	232
15.2.2 Local Log	233
15.2.3 Remote Log	233
15.2.4 Backup Log	234
15.3 Device Diagnostics	235
15.3.1 Cable Test	235
15.4 Network Diagnostics	236
15.4.1 Ping	236
15.4.2 Tracert	237
Appendix A: Specifications	238

Match case Limit results 1 per page

As the above figure shown, the attacker sends the fake ARP packets with a forged Gateway

address to the normal Host, and then the Host will automatically update the ARP table after

receiving the ARP packets. When the Host tries to communicate with Gateway, the Host will

encapsulate this false destination MAC address for packets, which results in a breakdown of

the normal communication.



Cheating Gateway

The attacker sends the wrong IP address-to-MAC address mapping entries of Hosts to the

Gateway, which causes that the Gateway cannot communicate with the legal terminal Hosts

normally. The ARP Attack implemented by cheating Gateway is illustrated in the following

figure.

Figure 12-12 ARP Attack – Cheating Gateway

As the above figure shown, the attacker sends the fake ARP packets of Host A to the Gateway,

and then the Gateway will automatically update its ARP table after receiving the ARP packets.

When the Gateway tries to communicate with Host A in LAN, it will encapsulate this false

destination MAC address for packets, which results in a breakdown of the normal

communication.



Cheating Terminal Hosts

The attacker sends the false IP address-to-MAC address mapping entries of terminal

Host/Server to another terminal Host, which causes that the two terminal Hosts in the same

network segment cannot communicate with each other normally. The ARP Attack implemented

by cheating terminal Hosts is illustrated in the following figure.

160