Home » TP-Link Manuals » Hubs & Switches » TP-Link T2600G-52TS TL-SG3452 » Manual Viewer

TP-Link T2600G-52TS TL-SG3452 T2600G-52TS V1 User Guide - Page 217

Cheating Terminal Hosts

View all TP-Link T2600G-52TS TL-SG3452 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 217 highlights

Figure 12-11 ARP Attack - Cheating Gateway As the above figure shown, the attacker sends the fake ARP packets of Host A to the Gateway, and then the Gateway will automatically update its ARP table after receiving the ARP packets. When the Gateway tries to communicate with Host A in LAN, it will encapsulate this false destination MAC address for packets, which results in a breakdown of the normal communication.  Cheating Terminal Hosts The attacker sends the false IP address-to-MAC address mapping entries of terminal Host/Server to another terminal Host, which causes that the two terminal Hosts in the same network segment cannot communicate with each other normally. The ARP Attack implemented by cheating terminal Hosts is illustrated in the following figure. Figure 12-12 ARP Attack - Cheating Terminal Hosts As the above figure shown, the attacker sends the fake ARP packets of Host A to Host B, and then Host B will automatically update its ARP table after receiving the ARP packets. When Host B tries to communicate with Host A, it will encapsulate this false destination MAC address for packets, which results in a breakdown of the normal communication. 207

Section	Page
Package Contents	11
Chapter 1 About this Guide	12
1.1 Intended Readers	12
1.2 Conventions	12
1.3 Overview of This Guide	12
Chapter 2 Introduction	16
2.1 Overview of the Switch	16
2.2 Appearance Description	16
2.2.1 Front Panel	16
2.2.2 Rear Panel	18
Chapter 3 Login to the Switch	20
3.1 Login	20
3.2 Configuration	21
Chapter 4 System	22
4.1 System Info	22
4.1.1 System Summary	22
4.1.2 Device Description	24
4.1.3 System Time	24
4.1.4 Daylight Saving Time	25
4.1.5 System IPv6	26
4.2 User Management	35
4.2.1 User Table	35
4.2.2 User Config	35
4.3 System Tools	36
4.3.1 Boot Config	37
4.3.2 Config Restore	38
4.3.3 Config Backup	38
4.3.4 Firmware Upgrade	39
4.3.5 System Reboot	40
4.3.6 System Reset	40
4.4 Access Security	41
4.4.1 Access Control	41
4.4.2 HTTP Config	42
4.4.3 HTTPS Config	43
4.4.4 SSH Config	45
4.4.5 Telnet Config	52
4.5 SDM Template	52
4.5.1 SDM Template Config	52
Chapter 5 Switching	54
5.1 Port	54
5.1.1 Port Config	54
5.1.2 Port Mirror	55
5.1.3 Port Security	57
5.1.4 Port Isolation	59
5.1.5 Loopback Detection	60
5.2 LAG	62
5.2.1 LAG Table	63
5.2.2 Static LAG	64
5.2.3 LACP Config	65
5.3 Traffic Monitor	67
5.3.1 Traffic Summary	67
5.3.2 Traffic Statistics	68
5.4 MAC Address	69
5.4.1 Address Table	71
5.4.2 Static Address	72
5.4.3 Dynamic Address	73
5.4.4 Filtering Address	75
Chapter 6 VLAN	77
6.1 802.1Q VLAN	78
6.1.1 VLAN Config	79
6.1.2 Port Config	80
6.2 Application Example for 802.1Q VLAN	82
6.3 MAC VLAN	83
6.3.1 MAC VLAN	84
6.3.2 Port Enable	85
6.4 Application Example for MAC VLAN	85
6.5 Protocol VLAN	87
6.5.1 Protocol Group Table	88
6.5.2 Protocol Group	89
6.5.3 Protocol Template	89
6.6 Application Example for Protocol VLAN	91
6.7 VLAN VPN	93
6.7.1 VPN Config	94
6.7.2 Port Enable	95
6.7.3 VLAN Mapping	95
6.8 GVRP	98
6.9 Private VLAN	101
6.9.1 PVLAN Config	103
6.9.2 Port Config	104
6.10 Application Example for Private VLAN	105
Chapter 7 Spanning Tree	108
7.1 STP Config	113
7.1.1 STP Config	113
7.1.2 STP Summary	115
7.2 Port Config	116
7.3 MSTP Instance	117
7.3.1 Region Config	118
7.3.2 Instance Config	118
7.3.3 Instance Port Config	119
7.4 STP Security	121
7.4.1 Port Protect	121
7.4.2 TC Protect	124
7.5 Application Example for STP Function	124
Chapter 8 Multicast	129
8.1 IGMP Snooping	133
8.1.1 Snooping Config	135
8.1.2 Port Config	137
8.1.3 VLAN Config	138
8.1.4 Multicast VLAN	139
8.1.5 Querier Config	142
8.1.6 Profile Config	144
8.1.7 Profile Binding	145
8.1.8 Packet Statistics	147
8.2 MLD Snooping	148
8.2.1 Snooping Config	150
8.2.2 Port Config	152
8.2.3 VLAN Config	153
8.2.4 Multicast VLAN	154
8.2.5 Querier Config	155
8.2.6 Profile Config	157
8.2.7 Profile Binding	158
8.2.8 Packet Statistics	160
8.3 Multicast Table	161
8.3.1 IPv4 Multicast Table	161
8.3.2 Static IPv4 Multicast Table	162
8.3.3 IPv6 Multicast Table	163
8.3.4 Static IPv6 Multicast Table	164
Chapter 9 Routing	166
9.1 Interface	166
9.2 Routing Table	169
9.3 Static Routing	170
9.4 ARP	171
9.4.1 ARP Table	171
9.4.2 Static ARP	171
Chapter 10 QoS	172
10.1 DiffServ	175
10.1.1 Port Priority	175
10.1.2 Schedule Mode	176
10.1.3 802.1P Priority	177
10.1.4 DSCP Priority	178
10.2 Bandwidth Control	180
10.2.1 Rate Limit	180
10.2.2 Storm Control	181
10.3 Voice VLAN	182
10.3.1 Global Config	184
10.3.2 Port Config	185
10.3.3 OUI Config	186
Chapter 11 ACL	188
11.1 Time-Range	188
11.1.1 Time-Range Summary	188
11.1.2 Time-Range Create	189
11.1.3 Holiday Config	190
11.2 ACL Config	190
11.2.1 ACL Summary	190
11.2.2 ACL Create	191
11.2.3 MAC ACL	191
11.2.4 Standard-IP ACL	193
11.2.5 Extend-IP ACL	194
11.3 Policy Config	195
11.3.1 Policy Summary	195
11.3.2 Policy Create	196
11.3.3 Action Create	196
11.4 ACL Binding	197
11.4.1 Binding Table	198
11.4.2 Port Binding	199
11.4.3 VLAN Binding	200
11.5 Policy Binding	200
11.5.1 Binding Table	201
11.5.2 Port Binding	202
11.5.3 VLAN Binding	203
11.6 Application Example for ACL	203
Chapter 12 Network Security	206
12.1 IP-MAC Binding	206
12.1.1 Binding Table	206
12.1.2 Manual Binding	207
12.1.3 ARP Scanning	209
12.2 DHCP Snooping	210
12.2.1 Global Config	214
12.2.2 Port Config	215
12.3 ARP Inspection	216
12.3.1 ARP Detect	219
12.3.2 ARP Defend	220
12.3.3 ARP Statistics	221
12.4 IP Source Guard	222
12.5 DoS Defend	223
12.5.1 DoS Defend	224
12.6 802.1X	224
12.6.1 Global Config	228
12.6.2 Port Config	230
12.6.3 Radius Server	231
Chapter 13 SNMP	233
13.1 SNMP Config	235
13.1.1 Global Config	235
13.1.2 SNMP View	236
13.1.3 SNMP Group	237
13.1.4 SNMP User	238
13.1.5 SNMP Community	240
13.2 Notification	242
13.3 RMON	244
13.3.1 Statistics	245
13.3.2 History	246
13.3.3 Event	247
13.3.4 Alarm Config	248
Chapter 14 LLDP	250
14.1 Basic Config	253
14.1.1 Global Config	253
14.1.2 Port Config	254
14.2 Device Info	255
14.2.1 Local Info	255
14.2.2 Neighbor Info	257
14.3 Device Statistics	258
14.4 LLDP-MED	259
14.4.1 Global Config	260
14.4.2 Port Config	260
14.4.3 Local Info	263
14.4.4 Neighbor Info	264
Chapter 15 Maintenance	266
15.1 System Monitor	266
15.1.1 CPU Monitor	266
15.1.2 Memory Monitor	267
15.2 Log	267
15.2.1 Log Table	268
15.2.2 Local Log	269
15.2.3 Remote Log	270
15.2.4 Backup Log	270
15.3 Device Diagnostics	271
15.3.1 Cable Test	271
15.4 Network Diagnostics	272
15.4.1 Ping	273
15.4.2 Tracert	273
Appendix A. Specifications	275

Match case Limit results 1 per page

207

Figure 12-11 ARP Attack – Cheating Gateway

As the above figure shown, the attacker sends the fake ARP packets of Host A to the Gateway,

and then the Gateway will automatically update its ARP table after receiving the ARP packets.

When the Gateway tries to communicate with Host A in LAN, it will encapsulate this false

destination MAC address for packets, which results in a breakdown of the normal communication.



Cheating Terminal Hosts

The attacker sends the false IP address-to-MAC address mapping entries of terminal Host/Server

to another terminal Host, which causes that the two terminal Hosts in the same network segment

cannot communicate with each other normally. The ARP Attack implemented by cheating terminal

Hosts is illustrated in the following figure.

Figure 12-12 ARP Attack – Cheating Terminal Hosts

As the above figure shown, the attacker sends the fake ARP packets of Host A to Host B, and then

Host B will automatically update its ARP table after receiving the ARP packets. When Host B tries

to communicate with Host A, it will encapsulate this false destination MAC address for packets,

which results in a breakdown of the normal communication.