Home » TP-Link Manuals » Hubs & Switches » TP-Link T1600G-52PS TL-SG2452P » Manual Viewer

TP-Link T1600G-52PS TL-SG2452P T1600G-28PSTL-SG2424P V1 User Guide - Page 207

Cheating Gateway, Cheating Terminal Hosts

View all TP-Link T1600G-52PS TL-SG2452P manuals

Add to My Manuals
Save this manual to your list of manuals

Page 207 highlights

 Cheating Gateway The attacker sends the wrong IP address-to-MAC address mapping entries of Hosts to the Gateway, which causes that the Gateway cannot communicate with the legal terminal Hosts normally. The ARP Attack implemented by cheating Gateway is illustrated in the following figure. Figure 13-11 ARP Attack - Cheating Gateway As the above figure shown, the attacker sends the fake ARP packets of Host A to the Gateway, and then the Gateway will automatically update its ARP table after receiving the ARP packets. When the Gateway tries to communicate with Host A in LAN, it will encapsulate this false destination MAC address for packets, which results in a breakdown of the normal communication.  Cheating Terminal Hosts The attacker sends the false IP address-to-MAC address mapping entries of terminal Host/Server to another terminal Host, which causes that the two terminal Hosts in the same network segment cannot communicate with each other normally. The ARP Attack implemented by cheating terminal Hosts is illustrated in the following figure. 197

Section	Page
Package Contents	11
Chapter 1 About this Guide	12
1.1 Intended Readers	12
1.2 Conventions	12
1.3 Overview of This Guide	12
Chapter 2 Introduction	16
2.1 Overview of the Switch	16
2.2 Appearance Description	16
2.2.1 Front Panel	16
2.2.2 Rear Panel	21
Chapter 3 Login to the Switch	23
3.1 Login	23
3.2 Configuration	24
Chapter 4 System	25
4.1 System Info	25
4.1.1 System Summary	25
4.1.2 Device Description	26
4.1.3 System Time	27
4.1.4 Daylight Saving Time	28
4.1.5 System IPv6	29
4.2 User Management	38
4.2.1 User Table	38
4.2.2 User Config	38
4.3 System Tools	39
4.3.1 Boot Config	40
4.3.2 Config Restore	41
4.3.3 Config Backup	41
4.3.4 Firmware Upgrade	42
4.3.5 System Reboot	43
4.3.6 System Reset	43
4.4 Access Security	44
4.4.1 Access Control	44
4.4.2 HTTP Config	45
4.4.3 HTTPS Config	46
4.4.4 SSH Config	48
4.4.5 Telnet Config	55
Chapter 5 Switching	56
5.1 Port	56
5.1.1 Port Config	56
5.1.2 Port Mirror	57
5.1.3 Port Security	59
5.1.4 Port Isolation	61
5.1.5 Loopback Detection	62
5.2 LAG	64
5.2.1 LAG Table	65
5.2.2 Static LAG	66
5.2.3 LACP Config	67
5.3 Traffic Monitor	69
5.3.1 Traffic Summary	69
5.3.2 Traffic Statistics	70
5.4 MAC Address	72
5.4.1 Address Table	73
5.4.2 Static Address	74
5.4.3 Dynamic Address	75
5.4.4 Filtering Address	77
Chapter 6 VLAN	79
6.1 802.1Q VLAN	80
6.1.1 VLAN Config	81
6.1.2 Port Config	82
6.2 Application Example for 802.1Q VLAN	84
6.3 MAC VLAN	85
6.3.1 MAC VLAN	86
6.3.2 Port Enable	86
6.4 Application Example for MAC VLAN	87
6.5 Protocol VLAN	89
6.5.1 Protocol Group Table	90
6.5.2 Protocol Group	90
6.5.3 Protocol Template	91
6.6 Application Example for Protocol VLAN	93
Chapter 7 Spanning Tree	95
7.1 STP Config	100
7.1.1 STP Config	100
7.1.2 STP Summary	102
7.2 Port Config	103
7.3 MSTP Instance	104
7.3.1 Region Config	105
7.3.2 Instance Config	105
7.3.3 Instance Port Config	106
7.4 STP Security	108
7.4.1 Port Protect	108
7.4.2 TC Protect	111
7.5 Application Example for STP Function	111
Chapter 8 Multicast	116
8.1 IGMP Snooping	120
8.1.1 Snooping Config	122
8.1.2 Port Config	124
8.1.3 VLAN Config	125
8.1.4 Multicast VLAN	126
8.1.5 Querier Config	129
8.1.6 Profile Config	131
8.1.7 Profile Binding	132
8.1.8 Packet Statistics	134
8.2 MLD Snooping	135
8.2.1 Snooping Config	137
8.2.2 Port Config	138
8.2.3 VLAN Config	139
8.2.4 Multicast VLAN	140
8.2.5 Querier Config	142
8.2.6 Profile Config	143
8.2.7 Profile Binding	145
8.2.8 Packet Statistics	147
8.3 Multicast Table	148
8.3.1 IPv4 Multicast Table	148
8.3.2 Static IPv4 Multicast Table	149
8.3.3 IPv6 Multicast Table	150
8.3.4 Static IPv6 Multicast Table	151
Chapter 9 Routing	153
9.1 Interface	153
9.2 Routing Table	156
9.3 Static Routing	157
9.4 ARP	158
9.4.1 ARP Table	158
9.4.2 Static ARP	158
Chapter 10 QoS	159
10.1 DiffServ	162
10.1.1 Port Priority	162
10.1.2 Schedule Mode	163
10.1.3 802.1P Priority	164
10.1.4 DSCP Priority	165
10.2 Bandwidth Control	167
10.2.1 Rate Limit	167
10.2.2 Storm Control	168
10.3 Voice VLAN	169
10.3.1 Global Config	171
10.3.2 Port Config	172
10.3.3 OUI Config	173
Chapter 11 PoE	175
11.1 PoE Config	175
11.1.1 PoE Config	176
11.1.2 PoE Profile	177
11.2 Time-Range	178
11.2.1 Time-Range Summary	178
11.2.2 Time-Range Create	179
11.2.3 Holiday Config	181
Chapter 12 ACL	182
12.1 ACL Config	182
12.1.1 ACL Summary	182
12.1.2 ACL Create	182
12.1.3 MAC ACL	183
12.1.4 Standard-IP ACL	184
12.1.5 Extend-IP ACL	185
12.2 Policy Config	186
12.2.1 Policy Summary	186
12.2.2 Policy Create	186
12.2.3 Action Create	187
12.3 ACL Binding	187
12.3.1 Binding Table	188
12.3.2 Port Binding	189
12.3.3 VLAN Binding	190
12.4 Policy Binding	190
12.4.1 Binding Table	191
12.4.2 Port Binding	192
12.4.3 VLAN Binding	193
12.5 Application Example for ACL	193
Chapter 13 Network Security	196
13.1 IP-MAC Binding	196
13.1.1 Binding Table	196
13.1.2 Manual Binding	197
13.1.3 ARP Scanning	199
13.2 DHCP Snooping	200
13.2.1 Global Config	204
13.2.2 Port Config	205
13.3 ARP Inspection	206
13.3.1 ARP Detect	210
13.3.2 ARP Defend	211
13.3.3 ARP Statistics	212
13.4 DoS Defend	213
13.4.1 DoS Defend	215
13.5 802.1X	215
13.5.1 Global Config	219
13.5.2 Port Config	221
13.5.3 RADIUS Config	222
Chapter 14 SNMP	225
14.1 SNMP Config	227
14.1.1 Global Config	227
14.1.2 SNMP View	228
14.1.3 SNMP Group	229
14.1.4 SNMP User	230
14.1.5 SNMP Community	232
14.2 Notification	234
14.3 RMON	236
14.3.1 Statistics	237
14.3.2 History	238
14.3.3 Event	239
14.3.4 Alarm Config	240
Chapter 15 LLDP	242
15.1 Basic Config	246
15.1.1 Global Config	246
15.1.2 Port Config	247
15.2 Device Info	248
15.2.1 Local Info	248
15.2.2 Neighbor Info	249
15.3 Device Statistics	250
15.4 LLDP-MED	251
15.4.1 Global Config	252
15.4.2 Port Config	253
15.4.3 Local Info	255
15.4.4 Neighbor Info	256
Chapter 16 Maintenance	257
16.1 System Monitor	257
16.1.1 CPU Monitor	257
16.1.2 Memory Monitor	258
16.2 Log	258
16.2.1 Log Table	259
16.2.2 Local Log	260
16.2.3 Remote Log	261
16.2.4 Backup Log	261
16.3 Device Diagnostics	262
16.3.1 Cable Test	262
16.4 Network Diagnostics	263
16.4.1 Ping	263
16.4.2 Tracert	264
Appendix A: Specifications	266

Match case Limit results 1 per page

197



Cheating Gateway

The attacker sends the wrong IP address-to-MAC address mapping entries of Hosts to the

Gateway, which causes that the Gateway cannot communicate with the legal terminal Hosts

normally. The ARP Attack implemented by cheating Gateway is illustrated in the following figure.

Figure 13-11 ARP Attack – Cheating Gateway

As the above figure shown, the attacker sends the fake ARP packets of Host A to the Gateway,

and then the Gateway will automatically update its ARP table after receiving the ARP packets.

When the Gateway tries to communicate with Host A in LAN, it will encapsulate this false

destination MAC address for packets, which results in a breakdown of the normal communication.



Cheating Terminal Hosts

The attacker sends the false IP address-to-MAC address mapping entries of terminal Host/Server

to another terminal Host, which causes that the two terminal Hosts in the same network segment

cannot communicate with each other normally. The ARP Attack implemented by cheating terminal

Hosts is illustrated in the following figure.