TP-LINK TL-SG5428 User's Guide Page 166
- Page / 253
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
As
the above figure shown, the attacker sends the fake ARP packets of Host A to Host B, and then
Host B will automatically update its ARP table after receiving the ARP packets. When Host B tries
to communicate with Host A, it will encapsulate this false destination MAC address for packets,
which results in a breakdown of the normal communication.
Man-In-The-Middle Attack
The attacker continuously sends the false ARP packets to the Hosts in LAN so as to make the
Hosts maintain the wrong ARP table. When the Hosts in LAN communicate with one another, they
will send the packets to the attacker according to the wrong ARP table. Thus, the attacker can get
and process the packets before forwarding them. During the procedure, the communication
packets information between the two Hosts are stolen in the case that the Hosts were unaware of
the attack. That is called Man-In-The-Middle Attack. The Man-In-The-Middle Attack is illustrated in
the following figure.
Figure 11-12 Man-In-The-Middle Attack
Suppose there are three Hosts in LAN connected with one another through a switch.
Host A: IP address is 192.168.0.101; MAC address is 00-00-00-11-11-11.
Host B: IP address is 192.168.0.102; MAC address is 00-00-00-22-22-22.
Attacker: IP address is 192.168.0.103; MAC address is 00-00-00-33-33-33.
1. First, the attacker sends the false ARP response packets.
2. Upon receiving the ARP response packets, Host A and Host B updates the ARP table of
their own.
3. When Host A communicates with Host B, it will send the packets to the false destination
MAC address, i.e. to the attacker, according to the updated ARP table.
4. After receiving the communication packets between Host A and Host B, the attacker
processes and forwards the packets to the correct destination MAC address, which
makes Host A and Host B keep a normal-appearing communication.
5. The attacker continuously sends the false ARP packets to the Host A and Host B so as to
make the Hosts always maintain the wrong ARP table.
In the view of Host A and Host B, their packets are directly sent to each other. But in fact, there is a
Man-In-The-Middle stolen the packets information during the communication procedure. This kind
of ARP attack is called Man-In-The-Middle attack.
157
- TL-SG5428 1
- TL-SG5412F 1
- COPYRIGHT & TRADEMARKS 2
- FCC STATEMENT 2
- CE Mark Warning 2
- Safety Information 3
- Package Contents 10
- Chapter 1 About this Guide 11
- Chapter 2 Introduction 15
- 2.3 Appearance Description 16
- 2.3.2 Rear Panel 17
- 3.1 Login 19
- 3.2 Configuration 19
- Figure 3-3 Main Setup-Menu 20
- Chapter 4 System 21
- 4.1.2 Device Description 22
- 4.1.3 System Time 23
- 4.1.4 Daylight Saving Time 24
- 4.1.5 System IP 25
- Figure 4-7 System IP 26
- 4.2 User Management 27
- 4.3 System Tools 28
- 4.3.2 Config Backup 29
- 4.3.3 Firmware Upgrade 30
- 4.3.4 System Reboot 30
- 4.4 Access Security 31
- 4.4.2 SSL Config 33
- 4.4.3 SSH Config 34
- Figure 4-17 SSH Config 35
- Network Requirements 36
- Return to CONTENTS 39
- Chapter 5 Switching 40
- 5.1.2 Port Mirror 41
- Mirror Group List 42
- Mirror Group 42
- Mirroring Port 42
- 5.1.3 Port Security 43
- Figure 5-4 Port Security 44
- 5.1.4 Port Isolation 45
- 5.1.5 Loopback Detection 46
- 5.2 LAG 47
- 5.2.1 LAG Table 48
- 5.2.2 Static LAG 49
- 5.2.3 LACP Config 50
- Figure 5-10 LACP Config 51
- 5.3 Traffic Monitor 52
- 5.3.2 Traffic Statistics 53
- 5.4 MAC Address 54
- 5.4.1 Address Table 55
- 5.4.2 Static Address 56
- Figure 5-14 Static Address 57
- 5.4.3 Dynamic Address 58
- 5.4.4 Filtering Address 59
- Create Filtering Address 60
- Search Option 60
- Filtering Address Table 60
- Chapter 6 VLAN 62
- 6.1 802.1Q VLAN 63
- 6.1.1 VLAN Config 64
- VLAN Table 65
- 6.1.2 Port Config 66
- VLAN Port Config 67
- VLAN of Port 67
- 6.2 Protocol VLAN 68
- 6.2.1 Protocol VLAN 69
- 6.2.2 Protocol Template 69
- 6.2.3 Port Enable 70
- 6.3 VLAN VPN 71
- 6.3.1 VPN Config 72
- 6.4 GVRP 73
- GVRP 74
- Figure 6-12 GVRP Config 75
- 6.5 Private VLAN 77
- Figure 6-13 79
- Figure 6-16, supposing the 79
- 6.5.1 PVLAN Config 81
- 6.5.2 Port Config 82
- Network Diagram 85
- Configure Switch A 85
- Configure Switch B 85
- Configure Switch C 87
- Chapter 7 Spanning Tree 88
- Figure 7-1 Basic STP diagram 89
- Table 7-1 Comparing BPDUs 90
- 7.1 STP Config 92
- Figure 7-4 STP Config 93
- 7.1.2 STP Summary 94
- 7.2 Port Config 95
- 7.3 MSTP Instance 97
- Figure 7-8 Instance Config 98
- 7.3.3 Instance Port Config 99
- 7.4 STP Security 100
- Loop Protect 101
- Root Protect 101
- TC Protect 101
- BPDU Protect 101
- BPDU Filter 101
- Figure 7-10 Port Protect 102
- 7.4.2 TC Protect 103
- Configuration Procedure 104
- Configure Switch A: 104
- Configure Switch B: 104
- Configure Switch C: 105
- Configure Switch D: 105
- Chapter 8 Multicast 107
- Figure 8-3 below 108
- 8.1 IGMP Snooping 109
- 8.1.1 Snooping Config 110
- 8.1.2 Port Config 111
- 8.1.3 VLAN Config 112
- Figure 8-6 VLAN Config 113
- 8.1.4 Multicast VLAN 114
- Figure 8-7 Multicast VLAN 115
- Configuration procedure: 116
- 8.3 Multicast IP 117
- 8.3.2 Static Multicast IP 118
- 8.4 Multicast Filter 119
- 8.4.1 IP-Range 120
- 8.4.2 Port Filter 120
- Figure 8-11 Port Filter 121
- 8.5 Packet Statistics 122
- Chapter 9 QoS 124
- Figure 9-2 802.1Q frame 125
- Figure 9-3 IP datagram 125
- Figure 9-4 SP-Mode 126
- Figure 9-5 WRR-Mode 126
- 9.1 DiffServ 127
- 9.1.2 Schedule Mode 128
- 9.1.3 802.1P/CoS Mapping 129
- 9.1.4 DSCP Priority 130
- 9.2 Bandwidth Control 131
- 9.2.2 Storm Control 132
- 9.3 Voice VLAN 133
- Port Voice VLAN Mode 134
- 9.3.1 Global Config 136
- 9.3.2 Port Config 136
- Figure 9-13 Port Config 137
- 9.3.3 OUI Config 138
- Chapter 10 ACL 140
- 10.1.2 Time-Range Create 141
- 10.2 ACL Config 142
- 10.2.2 ACL Create 143
- 10.2.3 MAC ACL 143
- 10.2.4 Standard-IP ACL 144
- 10.2.5 Extend-IP ACL 145
- Permit: Forward packets 146
- Deny: Discard Packets 146
- 10.3 Policy Config 147
- 10.3.3 Action Create 148
- 10.4 Policy Binding 149
- 10.4.3 VLAN Binding 150
- Configuration Procedure: 151
- Chapter 11 Network Security 154
- 11.1.2 Manual Binding 155
- Figure 11-2 Manual Binding 156
- 11.1.3 ARP Scanning 157
- 11.1.4 DHCP Snooping 158
- DHCP Working Principle 159
- Option 82 160
- DHCP Cheating Attack 160
- Figure 11-8 DHCP Snooping 162
- 11.2 ARP Inspection 163
- Imitating Gateway 164
- Cheating Gateway 164
- Cheating Terminal Hosts 165
- Man-In-The-Middle Attack 166
- 11.2.1 ARP Detect 167
- 11.2.2 ARP Defend 168
- 11.2.3 ARP Statistics 169
- 11.3 IP Source Guard 170
- 11.4 DoS Defend 171
- 11.5 802.1X 173
- 802.1X Timer 176
- 11.5.1 Global Config 177
- Global Config 178
- Authentication Config 178
- 11.5.2 Port Config 179
- 11.5.3 Radius Server 180
- Chapter 12 SNMP 182
- MIB Introduction 183
- 12.1 SNMP Config 184
- 12.1.2 SNMP View 185
- 12.1.3 SNMP Group 185
- Figure 12-5 SNMP Group 186
- 12.1.4 SNMP User 187
- User Table 188
- 12.1.5 SNMP Community 189
- 12.2 Notification 191
- 12.3 RMON 192
- 12.3.1 History Control 193
- 12.3.2 Event Config 194
- 12.3.3 Alarm Config 194
- Figure 12-11 Alarm Config 195
- Chapter 13 LLDP 197
- 13.1 Basic Config 200
- 13.1.2 Port Config 201
- 13.2 Device Info 202
- 13.2.2 Neighbor Info 203
- 13.3 Device Statistic 204
- Auto Refresh 205
- Global Statistics 205
- Neighbor Statistics 205
- Chapter 14 Cluster 207
- 14.1 NDP 208
- 14.1.2 NDP Summary 209
- 14.1.3 NDP Config 210
- Figure 14-4 NDP Config 211
- 14.2 NTDP 212
- 14.2.2 NTDP Summary 213
- 14.2.3 NTDP Config 214
- Figure 14-8 NTDP Config 215
- 14.3 Cluster 216
- Cluster Config 217
- Member Info 217
- 14.3.2 Cluster Config 218
- 14.3.3 Member Config 221
- 14.3.4 Cluster Topology 222
- Figure 14-19 Network diagram 224
- Chapter 15 Maintenance 226
- 15.2 Log 227
- 15.2.1 Log Table 228
- 15.2.2 Local Log 228
- 15.2.3 Remote Log 229
- 15.3 Device Diagnostics 230
- 15.3.1 Cable Test 231
- 15.3.2 Loopback 231
- 15.4 Network Diagnostics 232
- 15.4.2 Tracert 233
- Figure 15-10 Tracert 234
- 1. Hardware Installation 235
- Figure 16-5 Port Settings 237
- Figure 16-6 bootUtil Menu 237
- Appendix A: Specifications 239
- Figure B-1 240
- Figure B-2 240
- Figure B-3 241
- 1.1 Installation Guide 242
- Figure C-6 Setup Status 244
- 1.2 Uninstall Software 245
- 1.3 Configuration 246
- Appendix D: Glossary 250
Related products and manuals for Network switches TP-LINK TL-SG5428
Network switches TP-LINK TL-SG2424P User Manual
(176 pages)
(176 pages)
© 2020, manymanuals.com. All rights reserved. | 4.039 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals