a network runs through it

Sunday, June 3, 2012

mac spoofing v arp spoofing...

mac spoofing

   the switch is tricked into believing that the same mac address is connected to two different ports... this effectively poisons the cam table (the mac address table), so frames meant for the legitimate host are delivered to the attacker's port, which is what enables a man in the middle

mitigation: port security
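as an added illustration (not from the original post), the following python model replays the cam-poisoning scenario above against a switch that learns source macs blindly and against one with a simple port-security policy; the switch model, the port names and the mac addresses are all constructed for the example, and the policy (at most one secure mac per port, a secure mac may never move to another port) is a simplification of what a real switch does:

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Frame:
    ingress_port: str
    src_mac: str


@dataclass
class Switch:
    """minimal cam-table model (constructed, not a real switch implementation):
    port_security=False learns blindly, the poisonable behaviour;
    port_security=True keeps at most max_per_port secure macs per port and
    never lets a secure mac move to another port"""
    port_security: bool = False
    max_per_port: int = 1
    cam: dict = field(default_factory=dict)         # mac -> port it was learned on
    secured: dict = field(default_factory=dict)     # port -> set of secured macs
    violations: list = field(default_factory=list)  # (port, mac, reason)

    def receive(self, frame: Frame) -> bool:
        """return True if the frame is accepted and its source mac learned"""
        port, mac = frame.ingress_port, frame.src_mac
        if not self.port_security:
            self.cam[mac] = port  # last seen wins: a spoofed frame flips the entry
            return True
        owner = self.cam.get(mac)
        if owner is not None and owner != port:
            # the cam-poisoning pattern: a known mac shows up on a second port
            self.violations.append((port, mac, "secure mac seen on another port"))
            return False
        learned = self.secured.setdefault(port, set())
        if mac not in learned and len(learned) >= self.max_per_port:
            self.violations.append((port, mac, "max secure addresses exceeded"))
            return False
        learned.add(mac)
        self.cam[mac] = port
        return True


def spoof_scenario(port_security: bool):
    """replay the same three frames; returns (port the victim mac resolves to,
    per-frame accept decisions, violation log)"""
    victim, attacker = "00:11:22:33:44:55", "66:77:88:99:aa:bb"  # constructed macs
    sw = Switch(port_security=port_security)
    frames = [
        Frame("Gi0/1", victim),    # legitimate host on Gi0/1
        Frame("Gi0/2", attacker),  # attacker's real mac on Gi0/2
        Frame("Gi0/2", victim),    # attacker sends the victim's mac from Gi0/2
    ]
    accepted = [sw.receive(f) for f in frames]
    return sw.cam.get(victim), accepted, sw.violations


if __name__ == "__main__":
    for enabled in (False, True):
        print("port security", enabled, "->", spoof_scenario(enabled))
```

without port security the third frame silently moves the victim's cam entry to Gi0/2; with it, the entry stays on Gi0/1 and the event is logged, which is also the signal a monitoring system would alert on.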

arp spoofing

   during an arp request and reply exchange, an attacker injects a fake reply message carrying their own mac address, masquerading as a legitimate host

mitigation: dai (dynamic arp inspection)
   dai performs an ip-to-mac binding inspection... packets with invalid ip-to-mac bindings will be dropped

      inspects all requests and responses on untrusted ports; only ingress (inbound)
      validates the ip-to-mac bindings of intercepted packets before updating the local arp cache and before forwarding
      drops packets whose ip-to-mac binding fails validation

usually employed with dhcp snooping (the dhcp snooping binding table supplies the valid ip-to-mac bindings that dai checks against)

for relay agents, use dhcp relay information option 82

ip dhcp snooping limit rate
is used to limit the number of dhcp messages per second an untrusted interface can receive
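to tie the three dhcp snooping / dai points above together, here is an added python model (not from the original post, and not vendor code) of a switch that learns its binding table from dhcp acks seen on a trusted port, refuses dhcp server messages and rate-limits dhcp on untrusted ports, and then validates inbound arp on untrusted ports against those bindings; the message classes, port names, addresses and the 15-per-second limit are all constructed for the example:

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class DhcpMsg:          # constructed record, not a parsed dhcp packet
    port: str
    kind: str           # "discover", "request", "offer" or "ack"
    client_mac: str
    client_ip: str      # assigned address on offer/ack, "" otherwise
    ts: float           # arrival time in seconds


@dataclass(frozen=True)
class ArpMsg:           # constructed record, not a parsed arp packet
    port: str
    eth_src: str        # ethernet source mac
    sender_mac: str     # arp sender hardware address
    sender_ip: str      # arp sender protocol address


SERVER_MSGS = {"offer", "ack"}


class Switch:
    """dhcp snooping + dai model: ports in trusted_ports are exempt from inspection"""

    def __init__(self, trusted_ports, dhcp_limit_rate=15):
        self.trusted = set(trusted_ports)
        self.limit = dhcp_limit_rate
        self.bindings = {}               # ip -> mac: the dhcp snooping binding table
        self.recent = defaultdict(list)  # port -> timestamps of dhcp msgs in last second
        self.errdisabled = set()

    def dhcp(self, m: DhcpMsg) -> str:
        if m.port in self.errdisabled:
            return "drop: port err-disabled"
        if m.port not in self.trusted:
            if m.kind in SERVER_MSGS:    # a server answering from a client port is rogue
                return "drop: server message on untrusted port"
            window = [t for t in self.recent[m.port] if m.ts - t < 1.0] + [m.ts]
            self.recent[m.port] = window
            if len(window) > self.limit:  # the "limit rate" behaviour
                self.errdisabled.add(m.port)
                return "drop: dhcp rate limit exceeded, port err-disabled"
            return "forward: client message"
        if m.kind == "ack":               # binding learned from the server's ack
            self.bindings[m.client_ip] = m.client_mac
        return "forward: trusted port"

    def arp(self, a: ArpMsg) -> str:
        if a.port in self.trusted:
            return "forward: trusted port"
        if a.eth_src != a.sender_mac:     # frame header and arp body must agree
            return "drop: src-mac mismatch"
        if self.bindings.get(a.sender_ip) != a.sender_mac:
            return "drop: invalid ip-to-mac binding"
        return "forward: binding valid"


def run_demo():
    """constructed traffic: a real lease on Gi0/1, a rogue host on Gi0/2,
    a dhcp flood on Gi0/3; the uplink to the dhcp server is Gi0/24"""
    client, rogue = "00:11:22:33:44:55", "66:77:88:99:aa:bb"
    sw = Switch(trusted_ports={"Gi0/24"})
    out = {}
    out["discover"] = sw.dhcp(DhcpMsg("Gi0/1", "discover", client, "", 0.0))
    out["ack"] = sw.dhcp(DhcpMsg("Gi0/24", "ack", client, "10.0.0.10", 0.1))
    out["rogue_offer"] = sw.dhcp(DhcpMsg("Gi0/2", "offer", rogue, "10.0.0.99", 0.2))
    out["arp_ok"] = sw.arp(ArpMsg("Gi0/1", client, client, "10.0.0.10"))
    out["arp_fake_reply"] = sw.arp(ArpMsg("Gi0/2", rogue, rogue, "10.0.0.10"))
    out["arp_header_mismatch"] = sw.arp(ArpMsg("Gi0/2", rogue, client, "10.0.0.10"))
    flood = [sw.dhcp(DhcpMsg("Gi0/3", "discover", rogue, "", 1.0 + i * 0.01))
             for i in range(17)]
    out["flood_16th"], out["flood_17th"] = flood[15], flood[16]
    out["bindings"] = dict(sw.bindings)
    return out


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k:20} {v}")
```

the fake reply on Gi0/2 is dropped because 10.0.0.10 is bound to the real client's mac, and the 16th dhcp message inside one second on Gi0/3 trips the limit and err-disables that port, which is the kind of event worth exporting to the syslog collector.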

