D-Link DSA-3200 Technical Information Page 294
- Page / 321
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
xStack
®
DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide
280
How ARP Spoofing Attacks a Network
ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network which may allow an attacker to sniff data
frames on a LAN, modify the traffic, or stop the traffic altogether (known as a Denial of Service – DoS attack). The principle of
ARP spoofing is to send the fake or spoofed ARP messages to an Ethernet network. Generally, the aim is to associate the attacker's
or random MAC address with the IP address of another node (such as the default gateway). Any traffic meant for that IP address
would be mistakenly re-directed to the node specified by the attacker.
IP spoofing attack is caused by Gratuitous ARP that occurs when a host sends an ARP request to resolve its own IP address.
Figure-4 shows a hacker within a LAN to initiate ARP spoofing attack.
Figure 4
In the Gratuitous ARP packet, the “Sender protocol address” and “Target protocol address” are filled with the same source IP
address itself. The “Sender H/W Address” and “Target H/W address” are filled with the same source MAC address itself. The
destination MAC address is the Ethernet broadcast address (FF-FF-FF-FF-FF-FF). All nodes within the network will immediately
update their own ARP table in accordance with the sender’s MAC and IP address. The format of Gratuitous ARP is shown in the
following table
.
Table 5
Destination
Address
Source
Address
Ethernet
Type
H/W Type Protocol
Type
H/W
Address
Length
Protocol
Address
Length
Operation Sender H/W
Address
Sender
Protocol
Address
Target H/W
Address
Target
Protocol
Address
(6-byte) (6-byte) (2-byte) (2-byte) (2-byte) (1-byte) (1-byte) (2-byte) (6-byte) (4-byte) (6-byte) (4-byte)
FF-FF-FF-FF-FF-FF 00-20-5C-01-11-11
0806
ARP relay 00-20-5C-01-11-11 10.10.10.254 00-20-5C-01-11-11 10.10.10.254
A common DoS attack today can be done by associating a nonexistent or any specified MAC address to the IP address of the
network’s default gateway. The malicious attacker only needs to broadcast one Gratuitous ARP to the network claiming it is the
gateway so that the whole network operation will be turned down as all packets to the Internet will be directed to the wrong node.
Likewise, the attacker can either choose to forward the traffic to the actual default gateway (passive sniffing) or modify the data
before forwarding it (man-in-the-middle attack). The hacker cheats the victim PC that it is a router and cheats the router that it is
the victim. As can be seen in Figure 5 all traffic will be then sniffed by the hacker but the users will not discover.
Ethernet Header
Gratuitous ARP
- Table of Contents 3
- Intended Readers 11
- Safety Cautions 12
- Lithium Battery Precaution 14
- Section 1 15
- Introduction 15
- Web-based User Interface 16
- Web Pages 17
- Configuration 18
- Device Information 19
- System Information 19
- Serial Port Settings 20
- IP Address 20
- Port Configuration 22
- Port Settings 23
- Port Description Settings 25
- Static ARP Settings 26
- Gratuitous ARP 27
- User Accounts 28
- Command Logging Settings 29
- System Log Configuration 30
- System Severity Settings 31
- MAC Address Aging Time 32
- Web Settings 32
- Telnet Settings 33
- Password Encryption 33
- CLI Paging Settings 33
- Firmware Information 34
- Dual Configuration Settings 35
- Power Saving 37
- Power Saving Settings 38
- Power Saving LED Settings 39
- Power Saving Port Settings 39
- MAC Notification Settings 40
- SNMP Settings 41
- SNMP Global State Settings 42
- SNMP View Table 43
- SNMP Group Table 44
- SNMP User Table 45
- SNMP Community Table 46
- SNMP Host Table 47
- SNMP v6Host Table 48
- SNMP Engine ID 48
- SNMP Trap Configuration 49
- Single IP Management 50
- Upgrade to v1.61 51
- Single IP Settings 52
- Topology 53
- Tool Tips 55
- Right-Click 56
- Group Icon 56
- Commander Switch Icon 57
- Member Switch Icon 58
- Candidate Switch Icon 58
- Firmware Upgrade 60
- Upload Log File 60
- SD Card Backup Settings 62
- SD Card Execute Settings 62
- L2 Features 64
- IEEE 802.1Q VLANs 65
- 802.1Q VLAN Tags 66
- Port VLAN ID 67
- Tagging and Untagging 67
- Ingress Filtering 68
- Default VLANs 68
- Port-based VLANs 68
- VLAN Segmentation 69
- VLAN and Trunk Groups 69
- 802.1v Protocol VLAN 72
- GVRP Settings 74
- MAC-based VLAN Settings 75
- Private VLAN Settings 75
- PVID Auto Assign Settings 78
- Voice VLAN 78
- Voice VLAN Port Settings 79
- Voice VLAN OUI Settings 80
- Voice VLAN Device 80
- VLAN Trunk Settings 81
- Browse VLAN 82
- Egress Filter Settings 83
- L2 Multicast Control 83
- IGMP Snooping 84
- IGMP Router Port 88
- IGMP Snooping Counter 89
- IGMP Host Table 90
- MLD Snooping 91
- MLD Router Port 95
- MLD Snooping Counter 97
- Multicast VLAN 98
- Multicast Filtering 101
- Multicast Filtering Mode 103
- Port Mirroring 104
- Spanning Tree 105
- Port Transition States 106
- Edge Port 106
- P2P Port 106
- STP Bridge Global Settings 107
- STP Port Settings 108
- STP Instance Settings 111
- MSTP Port Information 111
- Link Aggregation 112
- Forwarding & Filtering 115
- Multicast Forwarding 116
- LLDP Global Settings 117
- LLDP Port Settings 118
- LLDP Management Address List 119
- LLDP Basic TLVs Settings 119
- LLDP Dot1 TLVs Settings 120
- LLDP Dot3 TLVs Settings 121
- LLDP Statistics System 122
- LLDP Local Port Information 123
- LLDP Remote Port Information 124
- LLDP-MED 125
- NLB FDB Settings 127
- L3 Features 129
- IPv6 Interface Settings 130
- IPv6 Route Settings 131
- IPv6 Neighbor Settings 131
- Section 5 133
- Understanding QoS 134
- Bandwidth Control 135
- Traffic Control 136
- 802.1p Default Priority 139
- 802.1p User Priority 139
- QoS Scheduling Mechanism 140
- Security 141
- RADIUS Accounting Settings 142
- RADIUS Authentication 143
- RADIUS Account Client 144
- IP-MAC-Port Binding (IMPB) 145
- ARP Mode 146
- ACL Mode 146
- Strict and Loose State 146
- IMPB Global Settings 147
- IMPB Port Settings 148
- IMPB Entry Settings 149
- MAC Block List 150
- DHCP Snooping 151
- ND Snoop 152
- Port Security 153
- Port Lock Entries 154
- DHCP Server Screening 155
- DHCP Offer Filtering 156
- Authentication Server 158
- Authenticator 158
- Authentication Process 159
- 802.1X Global Settings 162
- 802.1X Port Settings 163
- 802.1X User Settings 165
- Guest VLAN Settings 165
- Authenticator State 166
- Authenticator Statistics 166
- Authenticator Diagnostics 168
- SSL Settings 171
- SSL Certification Settings 173
- SSH Settings 174
- SSH User Authentication List 176
- Enable Admin 178
- Authentication Server Group 179
- Login Method Lists Settings 182
- Enable Method Lists Settings 183
- WAC Global Settings 190
- WAC User Settings 191
- WAC Port Settings 192
- WAC Authenticating State 193
- WAC Customize Page 193
- JWAC Global Settings 194
- JWAC Port Settings 196
- JWAC User Settings 197
- JWAC Authentication State 198
- JWAC Customize Page Language 199
- JWAC Customize Page 199
- Compound Authentication 200
- 802.1X & IMPB Mode 201
- IMPB & WAC/JWAC Mode 202
- MAC & IMPB Mode 202
- IGMP Access Control Settings 206
- BPDU Attack Protection 208
- Loopback Detection Settings 209
- Traffic Segmentation 210
- Safeguard Engine Settings 211
- Trusted Host Settings 212
- Section 7 214
- ACL Configuration Wizard 214
- Access Profile List 215
- CPU Access Profile List 229
- Time Range Settings 242
- Network Application 244
- DHCPv6 Relay 247
- DHCP Server 248
- DHCP Server Global Settings 249
- DHCP Server Pool Settings 250
- DHCP Server Manual Binding 251
- DHCP Local Relay Settings 252
- DHCP Option 12 Settings 254
- DNS Resolver 254
- SMTP Settings 257
- SNTP Settings 258
- Ping Test 260
- Section 9 262
- Ethernet OAM 262
- Ethernet OAM Event Log 264
- Ethernet OAM Statistics 264
- DULD Settings 265
- Cable Diagnostics 266
- Cable Diagnostics Notes 267
- Monitoring 268
- DRAM & Flash Utilization 269
- Port Utilization 270
- Packet Size 270
- Packets 272
- UMB_Cast (RX) 274
- Transmitted (TX) 275
- Received (RX) 277
- Browse ARP Table 280
- Browse Router Port 280
- Browse MLD Router Port 281
- Browse Session Table 281
- IGMP Snooping Group 282
- MLD Snooping Group 282
- MAC Address Table 283
- System Log 284
- Save and Tools 285
- Save Configuration 286
- Save Log 286
- Save All 287
- Download Firmware to SD Card 288
- Reboot System 290
- Using Packet Content ACL 291
- Ethernet Header 294
- Example topology 295
- Appendix D – Trap Logs 318
Related products and manuals for Networking D-Link DSA-3200
Networking D-Link DSL-300 User Manual
(5 pages)
(5 pages)
Networking D-Link DHP-306AV User Manual
(56 pages)
(56 pages)
Networking D-Link DVG-2032S User Manual
(3 pages)
(3 pages)
Networking D-Link DSL-320T User's Guide
(66 pages)
(66 pages)
Networking D-Link DSL-320B User Manual
(40 pages)
(40 pages)
Networking D-Link DGE-550SX User's Guide
(25 pages)
(25 pages)
Networking D-Link DCM-301 User Manual
(20 pages)
(20 pages)
Networking D-Link DI-206 User Manual
(15 pages)
(15 pages)
Networking D-Link DAP-3220 User Manual
(84 pages)
(84 pages)
Networking D-Link DWR-510 User Manual
(62 pages)
(62 pages)
© 2020, manymanuals.com. All rights reserved. | 2.490 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals