I. Description
ARP attacks are widespread in current networks. They corrupt the ARP information held by switches and hosts and misdirect data flows to the wrong address.
II. Resolution
To resolve the issue, H3C has added an anti-ARP-attack function to the latest released software. If there are S7500 switches in the network, the administrator can upgrade COMWARE to version R3133 or later.
The software contains the following commands for the function:
[H3C S7506R]arp mac-arp-map limit ?
INTEGER<1-8192> Attack list of the ARP attacker
The integer is the maximum number of IP addresses that one MAC address can match. The default value is 2 in Release 3135 and earlier. In Release 3135P06, the default value was changed to 8192. This means that if you upgrade COMWARE to R3135P06 or later and want to use the anti-ARP-attack function, you need to use this command to set the parameter to an appropriate value according to your network security requirements.
In addition, you can use the following command to display the suspected addresses that the S7500 switch has recorded as sources of ARP attacks.
[H3C S7506R]dis arp attack-list
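An added illustration, not H3C code and not the switch's actual implementation: a Python model of the per-MAC limit, showing why the old default of 2 flags a MAC that claims many IP addresses while the new default of 8192 flags nothing. The MAC and IP values are constructed, and `attack_list` and `smallest_safe_limit` are hypothetical helper names.

```python
from collections import defaultdict

# Constructed sample: (sender IP, sender MAC) pairs as learned from ARP packets.
OBSERVED = [
    ("10.1.1.1",  "000f-e200-0001"),  # gateway
    ("10.1.1.10", "000f-e200-0010"),  # ordinary host
    ("10.1.1.20", "000f-e200-0020"),  # server with a secondary address
    ("10.1.1.21", "000f-e200-0020"),
    ("10.1.1.1",  "000f-e200-00ff"),  # one MAC claiming the gateway ...
    ("10.1.1.10", "000f-e200-00ff"),  # ... and several other hosts' addresses
    ("10.1.1.20", "000f-e200-00ff"),
    ("10.1.1.21", "000f-e200-00ff"),
]
# Assumption: MACs the administrator knows to be legitimate.
TRUSTED = ["000f-e200-0001", "000f-e200-0010", "000f-e200-0020"]


def ips_per_mac(observations):
    """Group the distinct IP addresses claimed by each MAC address."""
    table = defaultdict(set)
    for ip, mac in observations:
        table[mac.lower()].add(ip)
    return table


def attack_list(observations, limit):
    """Return {mac: ips} for every MAC matched to more than `limit` IPs."""
    if not 1 <= limit <= 8192:  # range accepted by arp mac-arp-map limit
        raise ValueError("limit must be in 1-8192")
    return {mac: sorted(ips)
            for mac, ips in ips_per_mac(observations).items()
            if len(ips) > limit}


def smallest_safe_limit(observations, trusted_macs):
    """Smallest limit that would not flag any trusted MAC."""
    table = ips_per_mac(observations)
    return max((len(table[m]) for m in trusted_macs if m in table), default=1)


if __name__ == "__main__":
    for limit in (2, 8192):
        print(limit, attack_list(OBSERVED, limit))
    print("suggested limit:", smallest_safe_limit(OBSERVED, TRUSTED))
```

A limit chosen this way stays as tight as the legitimate multi-address hosts allow; anything above that only widens the room a spoofing MAC has before it is recorded.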