The ARP Inspection Screen, Configuring ARP Inspection – ZyXEL Communications MES-2110 User Manual
Page 147

Chapter 19 IP Source Guard
MES-2110 User’s Guide
19.4 The ARP Inspection Screen
Use ARP inspection to filter unauthorized ARP frames on the network. This can
prevent many kinds of man-in-the-middle attacks, such as the one in the following
example.
Figure 68 Example: Man-in-the-middle Attack
In this example, computer B tries to establish a connection with computer A.
Computer X is in the same broadcast domain as computer A and intercepts the
ARP request for computer A. Then, computer X does the following things:
• It pretends to be computer A and responds to computer B.
• It pretends to be computer B and sends a message to computer A.
As a result, all the communication between computer A and computer B passes
through computer X. Computer X can read and alter the information passed
between them.
19.4.1 Configuring ARP Inspection
Follow these steps to configure ARP inspection on the MES-2110.
1 Configure DHCP snooping. See
Note: It is recommended you enable DHCP snooping at least one day before you
enable ARP inspection so that the MES-2110 has enough time to build the
binding table.
2 Enable ARP inspection on the MES-2110. See for more details about turning on this feature.
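The check that ARP inspection makes against the DHCP snooping binding table can be sketched as follows. This is an added example, not ZyXEL's code or part of the manual. It assumes a binding records MAC address, VLAN, IP address and port; the function names and all addresses are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

# Constructed binding table, as DHCP snooping might learn it (assumed fields):
# (VLAN, sender MAC) -> (leased IP, switch port)
BINDINGS = {
    (1, "00:00:5e:00:53:0a"): (IPv4Address("192.0.2.10"), 1),  # computer A
    (1, "00:00:5e:00:53:0b"): (IPv4Address("192.0.2.11"), 2),  # computer B
    (1, "00:00:5e:00:53:99"): (IPv4Address("192.0.2.99"), 3),  # computer X
}

def parse_arp(frame):
    """Return (sender_mac, sender_ip) from an untagged Ethernet ARP frame."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte ARP body
        raise ValueError("frame too short for Ethernet + ARP")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    htype, ptype, hlen, plen, _oper = struct.unpack("!HHBBH", frame[14:22])
    if ethertype != 0x0806 or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an IPv4-over-Ethernet ARP frame")
    sender_mac = ":".join(f"{b:02x}" for b in frame[22:28])
    return sender_mac, IPv4Address(frame[28:32])

def inspect(frame, vlan, port):
    """Return 'forward' or 'drop' for an ARP frame received on an untrusted port."""
    try:
        sender_mac, sender_ip = parse_arp(frame)
    except ValueError:
        return "drop"
    # The sender's claimed IP and ingress port must match its learned binding;
    # a host with no binding, or one claiming another host's IP, is filtered.
    if BINDINGS.get((vlan, sender_mac)) != (sender_ip, port):
        return "drop"
    return "forward"

def build_arp_reply(src_mac, src_ip, dst_mac, dst_ip):
    """Build a constructed ARP reply frame to use as sample input."""
    src, dst = (bytes.fromhex(m.replace(":", "")) for m in (src_mac, dst_mac))
    return (dst + src + struct.pack("!H", 0x0806)
            + struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)
            + src + IPv4Address(src_ip).packed
            + dst + IPv4Address(dst_ip).packed)
```

In the man-in-the-middle example above, a reply from computer X that claims computer A's IP address fails the binding lookup and is dropped, while computer A's own reply on its own port is forwarded.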