First check state of DHCP snooping table.
Example of IP arp inspection configured on VLAN 123. Arp access control list OUR-ARP-ACL is configured for the port where router is connected and is trusted
Port 2 where an attacker is configured as untrusted port, rate limited. It is policed and err-disabled if violated.
Example of an CAM poisoning attack and ping sweep causing port to err-disable,. Additional validation of source, destination and IP address to increase security.
\
No comments:
Post a Comment