TP-Link T2700G-28TQ T2700G-28TQ User Guide V1 - Page 318
ARP Inspection, Trusted Port, MAC Verify, Rate Limit, Decline Protect
Trusted Port: Select Enable/Disable to set whether the port is a Trusted Port. Only a Trusted Port can receive DHCP packets from DHCP servers.
MAC Verify: Select Enable/Disable for the MAC Verify feature. Two fields of a DHCP packet contain the MAC address of the Host. MAC Verify compares the two fields and discards the packet if they differ.
Rate Limit: Select the maximum number of DHCP messages per second that the switch can forward on this port. Excess DHCP packets are discarded.
Decline Protect: Select Enable/Disable for the Decline Protect feature.
LAG: Displays the LAG to which the port belongs.

14.3 ARP Inspection

According to the ARP Implementation Procedure described in 14.1.3 ARP Scanning, the ARP protocol lets Hosts in the same network segment communicate with one another or access the external network via the Gateway. However, because ARP is implemented on the premise that all Hosts and Gateways are trusted, the ARP Implementation Procedure carries high security risks in a real, complex network. As a result, cheating attacks against ARP, such as imitating Gateway, cheating Gateway, cheating terminal Hosts and ARP Flooding Attack, occur frequently, especially in large networks such as campus networks. The following part briefly introduces these ARP attacks.

Imitating Gateway

The attacker sends the MAC address of a forged Gateway to the Host, and the Host automatically updates its ARP table after receiving the ARP response packets, so the Host cannot access the network normally. The ARP attack implemented by imitating Gateway is illustrated in the following figure.
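The check below is an added example, not part of the TP-Link guide and not the switch's own implementation: it shows how a defender can flag the forged-Gateway ARP packets described above by comparing each packet's sender IP and MAC against a known-good binding. The Gateway address 192.168.0.1, the MAC values, the TRUSTED table and the function names are assumptions constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

# Assumed known-good binding (constructed values): Gateway IP -> Gateway MAC.
TRUSTED = {"192.168.0.1": "00:11:22:33:44:55"}

def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_arp(eth_src, op, sha, spa, tha, tpa, eth_dst="ff:ff:ff:ff:ff:ff"):
    """Build a raw Ethernet + ARP frame; used only to construct sample input."""
    m = lambda s: bytes.fromhex(s.replace(":", ""))
    eth = m(eth_dst) + m(eth_src) + b"\x08\x06"           # EtherType 0x0806 = ARP
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)      # Ethernet/IPv4, opcode
    arp += m(sha) + IPv4Address(spa).packed + m(tha) + IPv4Address(tpa).packed
    return eth + arp

def check_arp(frame, trusted=TRUSTED):
    """Return a list of findings for one frame; an empty list means it passes."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return []                                         # not a complete ARP frame
    htype, ptype, hlen, plen, _op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return ["unsupported ARP format"]
    eth_src, sha = _mac(frame[6:12]), _mac(frame[22:28])
    spa = str(IPv4Address(frame[28:32]))
    findings = []
    # The sender MAC inside the ARP payload should match the frame's source MAC.
    if eth_src != sha:
        findings.append(f"frame source {eth_src} != ARP sender MAC {sha}")
    # A packet claiming a bound IP (here the Gateway) must carry the bound MAC.
    expected = trusted.get(spa)
    if expected is not None and sha != expected:
        findings.append(f"{spa} claimed by {sha}, binding says {expected}")
    return findings

# Constructed sample frames: a genuine Gateway reply and a forged one.
HOST = ("aa:bb:cc:00:00:02", "192.168.0.20")
GENUINE = build_arp("00:11:22:33:44:55", 2, "00:11:22:33:44:55", "192.168.0.1", *HOST)
FORGED = build_arp("66:77:88:99:aa:bb", 2, "66:77:88:99:aa:bb", "192.168.0.1", *HOST)

if __name__ == "__main__":
    for name, frame in (("genuine", GENUINE), ("forged", FORGED)):
        print(name, check_arp(frame) or "ok")
```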
Figure 14-10 ARP Attack - Imitating Gateway

As shown in the figure above, the attacker sends fake ARP packets with a forged Gateway address to the normal Host, and the Host automatically updates its ARP table after receiving the ARP packets. When the Host tries to communicate with Gateway, the Host will