Common Attacks in LAN (Network Security)

1. Prevent ARP spoofing attacks in the LAN
Phenomenon: Some illegal PCs in the intranet pretend to be the gateway and answer the ARR requests sent by normal PCs, so those computers send their data to the illegal PC and all of their traffic passes through it; users then find they cannot access the Internet.
Operation: Bind the gateway's ARP entry statically on the layer 3 switch and on important servers; on the computers, statically bind the ARP entries of the gateway, the domain controller and the important servers.
Huawei switch ARP binding command:
#arp static 10.251.XX XXXX-XXXX-XXXX

Computer terminal ARP binding commands (Windows):
Query the interface index: netsh interface ipv4 show interfaces
Add the binding: netsh -c "interface ipv4" add neighbors <idx> "10.251.XX" "XX-XX-XX-XX-XX-XX" (replace <idx> with the Idx value of your interface from the query above; the two arguments after it are the gateway IP address and the gateway MAC address)
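As an added example (not part of the original post), the same bindings can also be checked on a monitoring host: the script below compares ARP replies observed on the network against a static binding table like the one configured above and flags a host that answers for a protected address. The addresses, MACs and port names are constructed placeholders.

```python
"""Audit observed ARP replies against static gateway/server bindings."""
from collections import defaultdict


def normalize_mac(mac):
    """Canonicalize a MAC so Huawei (001a-2b3c-4d5e), Windows (00-1a-2b-...)
    and colon-separated notations compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return "-".join(digits[i:i + 2] for i in range(0, 12, 2))


# Constructed sample: bindings as an admin would enter them on the switch
# (Huawei MAC notation). Placeholder values, not from any real network.
STATIC_BINDINGS = {
    "10.251.0.1": "001a-2b3c-4d5e",   # gateway
    "10.251.0.10": "001a-2b3c-4d10",  # domain controller
}

# Constructed sample ARP replies seen by a monitor: (sender IP, sender MAC, port).
OBSERVED_REPLIES = [
    ("10.251.0.1", "00:1a:2b:3c:4d:5e", "GE0/0/24"),
    ("10.251.0.1", "aa:bb:cc:dd:ee:ff", "GE0/0/7"),   # another host answering as the gateway
    ("10.251.0.10", "00:1a:2b:3c:4d:10", "GE0/0/24"),
    ("10.251.0.55", "aa:bb:cc:dd:ee:ff", "GE0/0/7"),  # the same host using its own address
]


def audit_arp(replies, bindings):
    """Return alerts for replies that contradict a static binding, plus any
    MAC that claims a protected IP in addition to another IP."""
    bound = {ip: normalize_mac(mac) for ip, mac in bindings.items()}
    ips_by_mac = defaultdict(set)
    alerts = []
    for ip, mac, port in replies:
        mac = normalize_mac(mac)
        ips_by_mac[mac].add(ip)
        if ip in bound and bound[ip] != mac:
            alerts.append({"type": "binding_mismatch", "ip": ip, "mac": mac,
                           "expected": bound[ip], "port": port})
    for mac, ips in ips_by_mac.items():
        if len(ips) > 1 and any(ip in bound for ip in ips):
            alerts.append({"type": "mac_claims_protected_ip", "mac": mac,
                           "ips": sorted(ips)})
    return alerts
```

The port recorded in a mismatch alert tells the administrator which access port to inspect.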
2. Prevent DHCP attacks in the LAN
Phenomenon: In enterprise networks, employees often plug their own routers into the LAN, so several DHCP servers end up handing out addresses. If a computer accepts an address from an illegal DHCP server, its data can be intercepted and some business websites become unreachable.

Operation: Configure DHCP snooping trusted ports. This is generally done at the access layer, because the distribution and core layer switches usually sit in the computer room. Once DHCP snooping is enabled, the DHCP OFFER and DHCP REQUEST packets received on an untrusted port are discarded directly, so illegal DHCP servers behind untrusted ports are blocked.
Configuration commands:
In global mode:
dhcp enable
dhcp snooping enable

In port mode (on the port facing the legitimate DHCP server):
dhcp snooping trusted

3. Prevent loops in the intranet
Phenomenon: In the LAN, an employee connecting to the network may plug both ends of one network cable into the same switch, which creates a loop between the switch ports. Traffic on those ports becomes abnormally high, the whole LAN becomes slow and laggy, and even the switch CLI lags when network administrators log in.

Operation: Configure the loopback-detect command of Huawei switches to detect and block loops.
Configuration commands:

In global mode:
# loopback-detect enable

In interface mode:
# interface GigabitEthernet0/0/1
#loopback-detect action shutdown -----(if a loop is detected on this interface, the port is shut down)
# interface GigabitEthernet0/0/2
#loopback-detect action shutdown

View loop detection information:
#display loopback-detect

Origin blog.csdn.net/qdksc/article/details/127045337