Dynamic ARP Inspection Configuration; Understanding DAI; Understanding ARP Spoofing Attack - D-Link xStack DGS-3610 Series Configuration Manual

DGS-3610 Series Configuration Guide
43 Dynamic ARP Inspection Configuration

43.1 Understanding DAI

DAI (Dynamic ARP Inspection) checks the validity of received ARP packets.
Illegal ARP packets are discarded.
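
The validity check described above, as an added example that is not taken from the D-Link manual or the switch firmware: it parses raw ARP frames and discards those whose sender IP/MAC pair does not match a trusted table. The binding table, the sample addresses, the Ethernet-source check and all function names are assumptions; the page does not state what DAI validates against.

```python
import socket
import struct

# Trusted IP -> MAC bindings (constructed sample values). Assumption: the page
# does not say what DAI validates against; a static table stands in for it.
BINDINGS = {
    "192.0.2.10": "02:00:00:00:00:0a",
    "192.0.2.11": "02:00:00:00:00:0b",
}
ARP_ETHERTYPE = 0x0806
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))


def build_arp(op, sha, spa, tha, tpa):
    """Build an Ethernet + ARP frame; used only to construct sample input."""
    dst = BROADCAST if op == 1 else tha
    eth = mac_bytes(dst) + mac_bytes(sha) + struct.pack("!H", ARP_ETHERTYPE)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_bytes(sha) + socket.inet_aton(spa)
    arp += mac_bytes(tha) + socket.inet_aton(tpa)
    return eth + arp


def inspect(frame):
    """Return (verdict, reason) for one received frame."""
    if frame[12:14] != struct.pack("!H", ARP_ETHERTYPE):
        return "forward", "not ARP"
    if len(frame) < 42:
        return "drop", "truncated ARP frame"
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (1, 2):
        return "drop", "malformed ARP header"
    sender_mac = frame[22:28].hex(":")
    sender_ip = socket.inet_ntoa(frame[28:32])
    # Assumption: also require the Ethernet source to match the ARP sender MAC.
    if frame[6:12].hex(":") != sender_mac:
        return "drop", "Ethernet source differs from ARP sender MAC"
    if BINDINGS.get(sender_ip) != sender_mac:
        return "drop", f"{sender_ip} is not bound to {sender_mac}"
    return "forward", "sender matches binding"
```
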
43.1.1 Understanding ARP Spoofing Attack

ARP itself does not check the validity of incoming ARP packets. Because of this weakness,
attackers can easily launch ARP spoofing attacks. The most typical one is the intermediary
(man-in-the-middle) attack, which is described as follows:
Figure 43-1: devices A (IPA, MACA), B (IPB, MACB) and C (IPC, MACC)
As shown in the diagram, devices A, B and C are connected to a DGS-3610 series switch and
located in the same subnet. Their IP and MAC addresses are represented by
(IPA, MACA), (IPB, MACB) and (IPC, MACC) respectively. When device A needs to communicate with
device B at the network layer, device A broadcasts an ARP request in the subnet to query the
MAC address of device B. Upon receiving this ARP request packet, device B updates its ARP