HP J3188A How Intruder Prevention Works, How Eavesdrop Prevention Works, Authorized MAC address

Page 78

Security Information

Security Information

How Intruder Prevention Works

How Intruder Prevention Works

Intruder Prevention stops an unauthorized computer (or other device) from actively gaining access to the network. When a port is configured for Intruder Prevention, the hub examines the source address of each packet coming in through that port and compares it with the authorized MAC address. If the addresses are not the same, the hub concludes that an intruder is attempting to gain access to the network and takes the appropriate action (as configured): either disabling the port, sending an alarm to the network management station, or both. See “Setting Inbound Security with Intruder Prevention” later in this appendix.

How Eavesdrop Prevention Works

Eavesdrop Prevention stops a computer (or other device) from seeing network traffic that is not intended for that port. When Eavesdrop Prevention is configured on a port, the hub compares the port’s authorized MAC address with the destination address of any outbound packet. If the addresses match, the hub concludes that the packet is destined for the computer attached to the port, and it sends the packet out through the port unaltered. However, if the addresses do not match, the hub prevents the computer from seeing the packet’s contents by substituting a meaningless string of 1’s and 0’s. Note that broadcast and multicast packets are repeated to all the ports, even when Eavesdrop Prevention is activated. See “Setting Outbound Security with Eavesdrop Prevention” later in this appendix.

Authorized MAC address

To provide data security on a hub port, a single, unique MAC address must be configured as the authorized MAC address for each port. You can configure the authorized MAC address either by assigning it or by designating the port to learn it automatically. This configuration is performed with the Secure command from the hub’s console. See the Secure command description in the chapter on Managing the Hub.

F-2

Image 78

Contents HP J3188A Page Installation and Reference Guide HP 10Base-T Hub-16M J3188APublication Number Back of the Hub HP 10Base-T Hub-16M J3188AFront of the Hub IiiFeatures Network ConnectionsContents Cables and Connectors Security Information ViiPage Installing the Hub Connect the external transceiver Installing and Configuring Your HubVerify included parts Verify the hub operates correctlyCord connected directly to the hub for proper operation TimeLED PatternMount the hub Rack or Cabinet MountingTable Mounting Connect the hub to your network Connecting Devices to the Hub Connecting Hubs TogetherTwisted-Pair Cascade Connections Installing ThinLAN ConnectionsOhm terminator Connecting the Hub-16M to a Fiber-Optic Backbone Interpreting LED StatusInterpreting Hub Status LEDs Interpreting Port Status LEDs Following table provides LED port informationPage Troubleshooting Troubleshooting ApproachesUsing a Checklist to Diagnose the Hub Troubleshooting Using a Checklist to Diagnose the HubProblem Solution LED Operation Power Coll Troubleshooting LED OperationDiagnostic Tips Hub will automatically recover afterHub Maintenance Tasks Testing the Hub OnlyClearing a Password for the Ascii Console Troubleshooting Hub Maintenance Tasks Running Connectivity TestsObtaining Firmware Enhancements Setting up the Ascii Console Managing the HubDirectly, Using a Serial Cable and a Terminal Remotely, Using TelnetManaging the Hub Remotely, Using a Modem and a Terminal Starting the ConsoleExample HE ST This displays help for the Status command Console Command ReferenceCommands are described in the rest of the chapter Syntax Conventions on Help ScreenBAckup Default DescriptionCounter Name Definition Valid Range CDpstatusCOunters RangeIPconfig When to Use IPconfigDIsconnect Using IP Configuring for Network ManagementUsing Novell NetWare IPX Following table explains the IP parametersParameter Default Value Definition MAnagers SHowCommand Manager Address IP or IPX Receive Alarms?To end your editing NEighbor Displays the other devices that are using CDP protocolMEssageinterval Table entry with ID 1 would now be a blank linePIng PAsswordClear a password Community nameREset POrt port ON/OFFRObustness Security Configuration Parameter Definitions SEcure portSHowCLearManaging the Hub Configuring Security on a Single Port Configuring Security on All Twisted-Pair PortsEavesdrop Prevention, must be set to on Address Selection Authorized Showing the Security Configuration Clearing Security Violation IndicatorsSPeed new speed STatusStatus Information What It Means 16M will respond with the correct packet Network links, see the , TroubleshootingTEstlink To sendPage Cables and Connectors Recommended CablesFollowing table shows PC connections to the RS-232 port Cables and Connectors Following table shows network connections to the hubCable Function Cable Type HP Product Number Pins 3 and 6 must be a twisted pair Twisted-Pair Cable/Connector Pin-OutsPins 1 and 2 must be a twisted pair Twisted-Pair Cable for Hub-to-Computer Network ConnectionCable pin-out described below RS-232 Connector and Cable Pin-OutsInstaller for assistance with your cabling requirements Minimum pin-out will function correctlySignal Minimum Cable Pinout for Ascii Console ConnectionRS-232 Modem Cable Twisted-Pair Cable Pin Assignments Twisted-Pair Straight-Through CableHub End MDI-X Electrical SpecificationsPhysical EnvironmentalConnectors SpecificationsElectromagnetic Modem Configuration US Robotics Courier V.FC/V.34Megahertz XJ2288 Pcmcia card modem Practical Peripherals PM288MT II Intel 14.4EXSupra FAX Network Addressing Communication Between the Hub Network Management StationIPX Addressing Notes IPX Addressing for Novell NetWareIP Addresses for IP and Non-IP Networks Globally Assigned IP Network AddressesDevice IP Configuration CountryCompany Name/Address Using Bootp Bootp ProcessBootp Table File Entries Definitions of the table entry fieldsPage Backup Links How Backup Links WorkBackup Links LimitationsAdditional Notes Hub to a Switch Examples of Backup LinksHow the Backup Function Works Hub to a ServerT e G g e s t i o n Hub can monitor only one linkConfiguring a Backup Link Configuration/Installation SequenceIdentifying the Backup Link Indications of Backup Link ActivationReactivating the Primary Link Page Security Information Understanding Network SecurityAuthorized MAC address How Intruder Prevention WorksHow Eavesdrop Prevention Works Security InformationAssigning the Authorized MAC address Setting Inbound Security with Intruder Prevention Auto Port Disable Send AlarmSetting Outbound Security with Eavesdrop Prevention Security Information Page Safety and Regulatory Statements Mounting PrecautionsSettings to configure Power PrecautionsTemperature might exceed 45C 113F Equipment and should be easily accessibleSafety Information GroundingInformations concernant la sécurité Tible de causer des dommages à léquipementHinweise zur Sicherheit Considerazioni sulla sicurezza Consideraciones sobre seguridad Safety Information Japanese European Community Regulatory StatementsFCC Class a Statement for U.S.A. Only CanadaDeclaration of Conformity Index IndexDiagnosing with the LEDs … 2-2 diagnostic tests Late collision … 3-13 mounting the hub … LED description … Verifying hub operation … Page J3188-90001