Displaying And Maintaining Source Mac Address Based Arp Attack Detection; Configuring Arp Packet Source Mac Address Consistency Check; Introduction; Configuration Procedure - HP 5120 SI Series Security Configuration Manual

Displaying and maintaining source MAC address based ARP
attack detection
To do...
Display attacking MAC addresses detected
by source MAC address based ARP attack
detection
Configuring ARP packet source MAC address
consistency check

Introduction

This feature enables a gateway device to filter out ARP packets with a source MAC address in the
Ethernet header different from the sender MAC address in the message body, so that the gateway device
can learn correct ARP entries.

Configuration procedure

Follow these steps to enable ARP packet source MAC address consistency check:
To do...
Enter system view
Enable ARP packet source MAC
address consistency check

Configuring ARP active acknowledgement

Introduction
The ARP active acknowledgement feature is configured on gateway devices to identify invalid ARP
packets.
ARP active acknowledgement works before the gateway creates or modifies an ARP entry to avoid
generating any incorrect ARP entry. For more information about its working mechanism, see ARP Attack
Protection Technology White Paper.
Configuration procedure
Follow these steps to configure ARP active acknowledgement:
To do...
Enter system view
Use the command...
display arp anti-attack source-mac
{ slot slot-number | interface
interface-type interface-number } [ |
{ begin | exclude | include }
regular-expression ]
Use the command...
system-view
arp anti-attack valid-check enable
Use the command...
system-view
307
Remarks
Available in any
view
Remarks
—
Required
Disabled by default.
Remarks
—