12-laboratoriya ishi arp poisoning tarmoq hujumi tahlili ishdan maqsad



Yüklə 0,71 Mb.
səhifə3/4
tarix08.06.2023
ölçüsü0,71 Mb.
#126787
1   2   3   4
12-laboratoriya ishi arp poisoning tarmoq hujumi tahlili ishdan

Amaliy qism.
ARP spoofingdan himoya tizimini yoqish.
Device> enable
Device# configure terminal
Device(config)# arp anti-spoofing
Device(config)# arp anti-spoofing unknown discard
Xost xavfsizligini sozlash
Portdagi xost xavfsizligini sozlash portga noma'lum ARP paketlarini tashlashga imkon beradi. Qurilmani noma'lum ARP paketlarini tushirish uchun sozlashda IP portni bog'lashni sozlang. Bu ushbu IP-manzilning ARP paketiga boshqa portlarga faqat ushbu tuzilgan port orqali manevr qilish imkoniyatini beradi. Agar ushbu IP-manzilning ARP to'plami boshqa portga kirsa, u o'chiriladi.
Device> enable
Device# configure terminal
Device# host bind ip 192.168.5.13 ethernet 1/2
Manba MAC manzilini tekshirishni sozlash.
MAC-manzilning izchilligini tekshirishni sozlash uchun ushbu protsedurani bajarish kerak.
Device> enable
Device# configure terminal
Device# arp anti-spoofing valid-check
Antispofing shlyuzini sozlash.
Shlyuzni soxtalashtirishni sozlash uchun ushbu protsedurani bajarish kerak.
Device> enable
Device# configure terminal
Device# arp anti-spoofing deny-disguiser
Ishonch portini sozlash.
Ishonch portini sozlash uchun ushbu protsedurani bajarish kerak.
Device> enable
Device# configure terminal
Device# interface fastEthernet (interfeys portining raqamini ko'rsating)
Device# arp anti trust
Ishonchli port sozlamalarini o'chirish uchun quyidagi buyruqni kiriting:
Device# no arp anti trust
Anti-Flood Attackni sozlash.
Toshqinlarga qarshi hujumni tashkil qilish uchun ushbu protsedurani bajarish kerak.
Device> enable
Device# configure terminal
Device(config)# arp anti-flood
Device(config)# arp anti-flood threshold (odatda sekundiga 16 paket)
Device(config)# arp anti-flood action deny-arp {deny-all|deny-arp} {deny-all | deny-arp}
(Yiqiladigan paketlar turini belgilaydi.deny-all: Xostni manzilning qora ro'yxatiga qo'shadi va barcha packets.deny- arp: Faqat ARP paketlarini tashlaydi)
Device(config)# arp anti-flood recover-time 100
Device(config)# arp anti-flood recover 00:00:00:00:32:33
Device# interface fastEthernet (interfeys portining raqamini ko'rsating)
Device(config)# arp anti-flood threshold
ARP snooping va Flood Attack hujumini kuzatish.
ARP Snooping va Flood Attack-ni kuzatish uchun quyidagi jadvaldagi buyruqlardan foydalanish mumkin.

Jadval 12.1. ARP Snooping va Flood Attack buyruqlari


Yüklə 0,71 Mb.

Dostları ilə paylaş:
1   2   3   4




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin