Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

arp spoofing / poisoning

Hi all, is there any way of protecting my network against arp poisoning attacks etc?

cheers

Carl

2 REPLIES

Re: arp spoofing / poisoning

Hi,

DAI ( Dynamic ARP Inspection ) is the feature will help you on switches & routers.

Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks.

Dynamic ARP inspection ensures that only valid ARP requests and responses are relayed. The switch performs these activities:

•Intercepts all ARP requests and responses on untrusted ports

•Verifies that each of these intercepted packets has a valid IP-to-MAC address binding before updating the local ARP cache or before forwarding the packet to the appropriate destination

•Drops invalid ARP packets

For PIX/ASA

ARP Inspection is the feature that will prevents malicious users from impersonating other hosts or routers (known as

ARP spoofing). ARP spoofing can enable a “man-in-the-middle” attack.

HTH...rate if helpful..

New Member

Re: arp spoofing / poisoning

hi there, so how would I set this up on a switch, what is the feature called ?

201
Views
0
Helpful
2
Replies