Home » TP-Link Manuals » Hubs & Switches » TP-Link T1600G-52PS TL-SG2452P » Manual Viewer

TP-Link T1600G-52PS TL-SG2452P T1600G-28PSTL-SG2424P V1 User Guide - Page 206

ARP Inspection

View all TP-Link T1600G-52PS TL-SG2452P manuals

Add to My Manuals
Save this manual to your list of manuals

Page 206 highlights

Circuit ID: LAG: Enter the sub-option circuit ID for the customized Option 82 field. Displays the LAG to which the port belongs to. 13.3 ARP Inspection According to the ARP Implementation Procedure stated in 12.2.3 ARP Scanning, it can be found that ARP protocol can facilitate the Hosts in the same network segment to communicate with one another or access to external network via Gateway. However, since ARP protocol is implemented with the premise that all the Hosts and Gateways are trusted, there are high security risks during ARP Implementation Procedure in the actual complex network. Thus, the cheating attacks against ARP, such as imitating Gateway, cheating Gateway, cheating terminal Hosts and ARP Flooding Attack, frequently occur to the network, especially to the large network such as campus network and so on. The following part will simply introduce these ARP attacks.  Imitating Gateway The attacker sends the MAC address of a forged Gateway to Host, and then the Host will automatically update the ARP table after receiving the ARP response packets, which causes that the Host cannot access the network normally. The ARP Attack implemented by imitating Gateway is illustrated in the following figure. Figure 13-10 ARP Attack - Imitating Gateway As the above figure shown, the attacker sends the fake ARP packets with a forged Gateway address to the normal Host, and then the Host will automatically update the ARP table after receiving the ARP packets. When the Host tries to communicate with Gateway, the Host will encapsulate this false destination MAC address for packets, which results in a breakdown of the normal communication. 196

Section	Page
Package Contents	11
Chapter 1 About this Guide	12
1.1 Intended Readers	12
1.2 Conventions	12
1.3 Overview of This Guide	12
Chapter 2 Introduction	16
2.1 Overview of the Switch	16
2.2 Appearance Description	16
2.2.1 Front Panel	16
2.2.2 Rear Panel	21
Chapter 3 Login to the Switch	23
3.1 Login	23
3.2 Configuration	24
Chapter 4 System	25
4.1 System Info	25
4.1.1 System Summary	25
4.1.2 Device Description	26
4.1.3 System Time	27
4.1.4 Daylight Saving Time	28
4.1.5 System IPv6	29
4.2 User Management	38
4.2.1 User Table	38
4.2.2 User Config	38
4.3 System Tools	39
4.3.1 Boot Config	40
4.3.2 Config Restore	41
4.3.3 Config Backup	41
4.3.4 Firmware Upgrade	42
4.3.5 System Reboot	43
4.3.6 System Reset	43
4.4 Access Security	44
4.4.1 Access Control	44
4.4.2 HTTP Config	45
4.4.3 HTTPS Config	46
4.4.4 SSH Config	48
4.4.5 Telnet Config	55
Chapter 5 Switching	56
5.1 Port	56
5.1.1 Port Config	56
5.1.2 Port Mirror	57
5.1.3 Port Security	59
5.1.4 Port Isolation	61
5.1.5 Loopback Detection	62
5.2 LAG	64
5.2.1 LAG Table	65
5.2.2 Static LAG	66
5.2.3 LACP Config	67
5.3 Traffic Monitor	69
5.3.1 Traffic Summary	69
5.3.2 Traffic Statistics	70
5.4 MAC Address	72
5.4.1 Address Table	73
5.4.2 Static Address	74
5.4.3 Dynamic Address	75
5.4.4 Filtering Address	77
Chapter 6 VLAN	79
6.1 802.1Q VLAN	80
6.1.1 VLAN Config	81
6.1.2 Port Config	82
6.2 Application Example for 802.1Q VLAN	84
6.3 MAC VLAN	85
6.3.1 MAC VLAN	86
6.3.2 Port Enable	86
6.4 Application Example for MAC VLAN	87
6.5 Protocol VLAN	89
6.5.1 Protocol Group Table	90
6.5.2 Protocol Group	90
6.5.3 Protocol Template	91
6.6 Application Example for Protocol VLAN	93
Chapter 7 Spanning Tree	95
7.1 STP Config	100
7.1.1 STP Config	100
7.1.2 STP Summary	102
7.2 Port Config	103
7.3 MSTP Instance	104
7.3.1 Region Config	105
7.3.2 Instance Config	105
7.3.3 Instance Port Config	106
7.4 STP Security	108
7.4.1 Port Protect	108
7.4.2 TC Protect	111
7.5 Application Example for STP Function	111
Chapter 8 Multicast	116
8.1 IGMP Snooping	120
8.1.1 Snooping Config	122
8.1.2 Port Config	124
8.1.3 VLAN Config	125
8.1.4 Multicast VLAN	126
8.1.5 Querier Config	129
8.1.6 Profile Config	131
8.1.7 Profile Binding	132
8.1.8 Packet Statistics	134
8.2 MLD Snooping	135
8.2.1 Snooping Config	137
8.2.2 Port Config	138
8.2.3 VLAN Config	139
8.2.4 Multicast VLAN	140
8.2.5 Querier Config	142
8.2.6 Profile Config	143
8.2.7 Profile Binding	145
8.2.8 Packet Statistics	147
8.3 Multicast Table	148
8.3.1 IPv4 Multicast Table	148
8.3.2 Static IPv4 Multicast Table	149
8.3.3 IPv6 Multicast Table	150
8.3.4 Static IPv6 Multicast Table	151
Chapter 9 Routing	153
9.1 Interface	153
9.2 Routing Table	156
9.3 Static Routing	157
9.4 ARP	158
9.4.1 ARP Table	158
9.4.2 Static ARP	158
Chapter 10 QoS	159
10.1 DiffServ	162
10.1.1 Port Priority	162
10.1.2 Schedule Mode	163
10.1.3 802.1P Priority	164
10.1.4 DSCP Priority	165
10.2 Bandwidth Control	167
10.2.1 Rate Limit	167
10.2.2 Storm Control	168
10.3 Voice VLAN	169
10.3.1 Global Config	171
10.3.2 Port Config	172
10.3.3 OUI Config	173
Chapter 11 PoE	175
11.1 PoE Config	175
11.1.1 PoE Config	176
11.1.2 PoE Profile	177
11.2 Time-Range	178
11.2.1 Time-Range Summary	178
11.2.2 Time-Range Create	179
11.2.3 Holiday Config	181
Chapter 12 ACL	182
12.1 ACL Config	182
12.1.1 ACL Summary	182
12.1.2 ACL Create	182
12.1.3 MAC ACL	183
12.1.4 Standard-IP ACL	184
12.1.5 Extend-IP ACL	185
12.2 Policy Config	186
12.2.1 Policy Summary	186
12.2.2 Policy Create	186
12.2.3 Action Create	187
12.3 ACL Binding	187
12.3.1 Binding Table	188
12.3.2 Port Binding	189
12.3.3 VLAN Binding	190
12.4 Policy Binding	190
12.4.1 Binding Table	191
12.4.2 Port Binding	192
12.4.3 VLAN Binding	193
12.5 Application Example for ACL	193
Chapter 13 Network Security	196
13.1 IP-MAC Binding	196
13.1.1 Binding Table	196
13.1.2 Manual Binding	197
13.1.3 ARP Scanning	199
13.2 DHCP Snooping	200
13.2.1 Global Config	204
13.2.2 Port Config	205
13.3 ARP Inspection	206
13.3.1 ARP Detect	210
13.3.2 ARP Defend	211
13.3.3 ARP Statistics	212
13.4 DoS Defend	213
13.4.1 DoS Defend	215
13.5 802.1X	215
13.5.1 Global Config	219
13.5.2 Port Config	221
13.5.3 RADIUS Config	222
Chapter 14 SNMP	225
14.1 SNMP Config	227
14.1.1 Global Config	227
14.1.2 SNMP View	228
14.1.3 SNMP Group	229
14.1.4 SNMP User	230
14.1.5 SNMP Community	232
14.2 Notification	234
14.3 RMON	236
14.3.1 Statistics	237
14.3.2 History	238
14.3.3 Event	239
14.3.4 Alarm Config	240
Chapter 15 LLDP	242
15.1 Basic Config	246
15.1.1 Global Config	246
15.1.2 Port Config	247
15.2 Device Info	248
15.2.1 Local Info	248
15.2.2 Neighbor Info	249
15.3 Device Statistics	250
15.4 LLDP-MED	251
15.4.1 Global Config	252
15.4.2 Port Config	253
15.4.3 Local Info	255
15.4.4 Neighbor Info	256
Chapter 16 Maintenance	257
16.1 System Monitor	257
16.1.1 CPU Monitor	257
16.1.2 Memory Monitor	258
16.2 Log	258
16.2.1 Log Table	259
16.2.2 Local Log	260
16.2.3 Remote Log	261
16.2.4 Backup Log	261
16.3 Device Diagnostics	262
16.3.1 Cable Test	262
16.4 Network Diagnostics	263
16.4.1 Ping	263
16.4.2 Tracert	264
Appendix A: Specifications	266

Match case Limit results 1 per page

196

Circuit ID:

Enter the sub-option circuit ID for the customized Option 82

field.

LAG:

Displays the LAG to which the port belongs to.

13.3 ARP Inspection

According to the ARP Implementation Procedure stated in 12.2.3 ARP Scanning, it can be found

that ARP protocol can facilitate the Hosts in the same network segment to communicate with one

another or access to external network via Gateway. However, since ARP protocol is implemented

with the premise that all the Hosts and Gateways are trusted, there are high security risks during

ARP Implementation Procedure in the actual complex network. Thus, the cheating attacks against

ARP, such as imitating Gateway, cheating Gateway, cheating terminal Hosts and ARP Flooding

Attack, frequently occur to the network, especially to the large network such as campus network

and so on. The following part will simply introduce these ARP attacks.



Imitating Gateway

The attacker sends the MAC address of a forged Gateway to Host, and then the Host will

automatically update the ARP table after receiving the ARP response packets, which causes that

the Host cannot access the network normally. The ARP Attack implemented by imitating Gateway

is illustrated in the following figure.

Figure 13-10 ARP Attack - Imitating Gateway

As the above figure shown, the attacker sends the fake ARP packets with a forged Gateway

address to the normal Host, and then the Host will automatically update the ARP table after

receiving the ARP packets. When the Host tries to communicate with Gateway, the Host will

encapsulate this false destination MAC address for packets, which results in a breakdown of the

normal communication.