Home » TP-Link Manuals » Hubs & Switches » TP-Link TL-SL5428E » Manual Viewer

TP-Link TL-SL5428E User Guide - Page 166

Man-In-The-Middle Attack

UPC - 845973020873

Add to My Manuals
Save this manual to your list of manuals

Page 166 highlights

Figure 13-11 ARP Attack - Cheating Terminal Hosts As the above figure shown, the attacker sends the fake ARP packets of Host A to Host B, and then Host B will automatically update its ARP table after receiving the ARP packets. When Host B tries to communicate with Host A, it will encapsulate this false destination MAC address for packets, which results in a breakdown of the normal communication. ¾ Man-In-The-Middle Attack The attacker continuously sends the false ARP packets to the Hosts in LAN so as to make the Hosts maintain the wrong ARP table. When the Hosts in LAN communicate with one another, they will send the packets to the attacker according to the wrong ARP table. Thus, the attacker can get and process the packets before forwarding them. During the procedure, the communication packets information between the two Hosts are stolen in the case that the Hosts were unaware of the attack. That is called Man-In-The-Middle Attack. The Man-In-The-Middle Attack is illustrated in the following figure. 158

Section	Page
Package Contents	9
Chapter 1 About this Guide	10
1.1 Intended Readers	10
1.2 Conventions	10
1.3 Overview of This Guide	10
Chapter 2 Introduction	14
2.3.1 Front Panel	15
2.3.2 Rear Panel	16
Chapter 3 Installation	17
3.1 Precautions	17
3.2 Installation	17
3.2.1 Desktop Installation	18
3.2.2 Rack Installation	18
3.3 Connect to Ground	19
Chapter 4 Connection	22
4.1 Ethernet Ports	22
4.2 SFP Ports	22
4.3 Console Port	23
4.4 Power On	24
Chapter 5 Login to the Switch	25
5.1 Login	25
5.2 Configuration	25
Chapter 6 System	27
6.1 System Info	27
6.1.1 System Summary	27
6.1.2 Device Description	29
6.1.3 System Time	30
6.1.4 System IP	31
6.2 User Manage	32
6.2.1 User Table	32
6.2.2 User Config	32
6.3 System Tools	34
6.3.1 Config Restore	34
6.3.2 Config Backup	34
6.3.3 Firmware Upgrade	35
6.3.4 System Reboot	36
6.3.5 System Reset	36
6.4 Access Security	36
6.4.1 Access Control	36
6.4.2 SSL Config	38
6.4.3 SSH Config	39
Chapter 7 Switching	45
7.1 Port	45
7.1.1 Port Config	45
7.1.2 Port Mirror	46
7.1.3 Port Security	48
7.2 LAG	49
7.2.1 LAG Table	50
7.2.2 Static LAG	51
7.2.3 LACP Config	52
7.3 Traffic Monitor	54
7.3.1 Traffic Summary	54
7.3.2 Traffic Statistics	55
7.4 MAC Address	56
7.4.1 Address Table	57
7.4.2 Static Address	59
7.4.3 Dynamic Address	60
7.4.4 Filtering Address	62
Chapter 8 VLAN	64
8.1 802.1Q VLAN	65
8.1.1 VLAN Config	67
8.1.2 Port Config	69
8.2 MAC VLAN	71
8.2.1 MAC VLAN	71
8.2.2 Port Enable	72
8.3 Protocol VLAN	73
8.3.1 Protocol VLAN	74
8.3.2 Protocol Template	74
8.3.3 Port Enable	75
8.4 VLAN VPN	76
8.4.1 VPN Config	77
8.4.2 VLAN Mapping	78
8.4.3 Port Enable	79
8.5 GVRP	80
Chapter 9 Spanning Tree	84
9.1 STP Config	89
9.1.1 STP Config	89
9.1.2 STP Summary	91
9.2 Port Config	92
9.3 MSTP Instance	94
9.3.1 Region Config	94
9.3.2 Instance Config	95
9.3.3 Instance Port Config	96
9.4 STP Security	98
9.4.1 Port Protect	98
9.4.2 TC Protect	101
9.5 Application Example for STP Function	102
Chapter 10 Multicast	106
10.1 IGMP Snooping	108
10.1.1 Snooping Config	109
10.1.2 Port Config	110
10.1.3 VLAN Config	111
10.1.4 Multicast VLAN	113
10.2 Multicast IP	116
10.2.1 Multicast IP Table	117
10.2.2 Static Multicast IP	117
10.3 Multicast Filter	118
10.3.1 IP-Range	119
10.3.2 Port Filter	120
10.4 Packet Statistics	121
Chapter 11 QoS	123
11.1 DiffServ	126
11.1.1 Port Priority	126
11.1.2 Schedule Mode	127
11.1.3 802.1P Priority	128
11.1.4 DSCP Priority	129
11.2 Bandwidth Control	131
11.2.1 Rate Limit	131
11.2.2 Storm Control	132
11.3 Voice VLAN	133
11.3.1 Global Config	135
11.3.2 Port Config	136
11.3.3 OUI Config	137
Chapter 12 ACL	139
12.1 Time-Range	139
12.1.1 Time-Range Summary	139
12.1.2 Time-Range Create	140
12.1.3 Holiday Config	141
12.2 ACL Config	141
12.2.1 ACL Summary	142
12.2.2 ACL Create	142
12.2.3 MAC ACL	143
12.2.4 Standard-IP ACL	144
12.2.5 Extend-IP ACL	145
12.3 Policy Config	146
12.3.1 Policy Summary	146
12.3.2 Policy Create	147
12.3.3 Action Create	147
12.4 Policy Binding	149
12.4.1 Binding Table	149
12.4.2 Port Binding	149
12.4.3 VLAN Binding	150
Chapter 13 Network Security	154
13.1 IP-MAC Binding	154
13.1.1 Binding Table	154
13.1.2 Manual Binding	155
13.1.3 ARP Scanning	157
13.1.4 DHCP Snooping	158
13.2 ARP Inspection	164
13.2.1 ARP Detect	168
13.2.2 ARP Defend	169
13.2.3 ARP Statistics	170
13.5 802.1X	175
13.5.1 Global Config	179
13.5.2 Port Config	181
13.5.3 Radius Server	182
Chapter 14 SNMP	184
14.1 SNMP Config	186
14.1.1 Global Config	186
14.1.2 SNMP View	187
14.1.3 SNMP Group	188
14.1.4 SNMP User	189
14.1.5 SNMP Community	191
14.2 Notification	193
14.3 RMON	195
14.3.1 History Control	196
14.3.2 Event Config	196
14.3.3 Alarm Config	197
Chapter 15 Cluster	200
15.1 NDP	201
15.1.1 Neighbor Info	201
15.1.2 NDP Summary	202
15.1.3 NDP Config	204
15.2 NTDP	205
15.2.1 Device Table	205
15.2.2 NTDP Summary	206
15.2.3 NTDP Config	208
15.3 Cluster	209
15.3.1 Cluster Summary	209
15.3.2 Cluster Config	212
15.3.3 Member Config	214
15.3.4 Cluster Topology	215
15.4 Application Example for Cluster Function	217
Chapter 16 Maintenance	220
16.1 System Monitor	220
16.1.1 CPU Monitor	220
16.1.2 Memory Monitor	221
16.2 Log	222
16.2.1 Log Table	223
16.2.2 Local Log	223
16.2.3 Remote Log	224
16.2.4 Backup Log	225
16.3 Device Diagnose	226
16.3.1 Cable Test	226
16.3.2 Loopback	227
16.4 Network Diagnose	227
16.4.1 Ping	227
16.4.2 Tracert	228
Chapter 17 System Maintenance via FTP	230
Appendix A: Specifications	235
Appendix B: Configuring the PCs	236
Appendix C: 802.1X Client Software	239

Match case Limit results 1 per page

158

Figure 13-11 ARP Attack – Cheating Terminal Hosts

As the above figure shown, the attacker sends the fake ARP packets of Host A to Host B, and then

Host B will automatically update its ARP table after receiving the ARP packets. When Host B tries

to communicate with Host A, it will encapsulate this false destination MAC address for packets,

which results in a breakdown of the normal communication.

Man-In-The-Middle Attack

The attacker continuously sends the false ARP packets to the Hosts in LAN so as to make the

Hosts maintain the wrong ARP table. When the Hosts in LAN communicate with one another, they

will send the packets to the attacker according to the wrong ARP table. Thus, the attacker can get

and process the packets before forwarding them. During the procedure, the communication

packets information between the two Hosts are stolen in the case that the Hosts were unaware of

the attack. That is called Man-In-The-Middle Attack. The Man-In-The-Middle Attack is illustrated in

the following figure.