![](/images/backgrounds/293017/hp-v1910-users-manual-120219327x1.png)
ARP attack defense configuration
Although ARP is easy to implement, it provides no security mechanism and thus is prone to network attacks. ARP attacks and viruses are threatening LAN security. The device can provide multiple features to detect and prevent such attacks. This chapter mainly introduces these features.
ARP detection
Introduction to ARP detection
The ARP detection feature allows only the ARP packets of authorized clients to be forwarded, preventing
According to the ARP design, after receiving an ARP reply, a host adds the
As shown in a, Host A communicates with Host C through a switch. After intercepting the traffic between Host A and Host C, a hacker (Host B) forwards forged ARP replies to Host A and Host C respectively. Upon receiving the ARP replies, the two hosts update the MAC address corresponding to the peer IP address in their ARP tables with the MAC address of Host B (MAC_B). After that, Host B establishes independent connections with Host A and Host C and relays messages between them, deceiving them into believing that they are talking directly to each other over a private connection, while the entire conversation is actually controlled by Host B. Host B may intercept and modify the communication data. Such an attack is called a
315