Security
ARP Inspection
STEP 4
ARP Inspection
Cisco Sx350, SG350X, SG350XG, Sx550X & SG550XG Series Managed Switches, Firmware Release 2.2.5.x
-
No Problem—Interface is active.
-
No Snoop VLAN—DHCP Snooping is not enabled on the VLAN.
-
Trusted Port—Port has become trusted.
-
Resource Problem—TCAM resources are exhausted.
To see a subset of these entries, enter the relevant search criteria and click Go.
ARP enables IP communication within a Layer 2 Broadcast domain by mapping IP addresses
to a MAC addresses.
A malicious user can attack hosts, switches, and routers connected to a Layer 2 network by
poisoning the ARP caches of systems connected to the subnet and by intercepting traffic
intended for other hosts on the subnet. This can happen because ARP allows a gratuitous reply
from a host even if an ARP request was not received. After the attack, all traffic from the
device under attack flows through the attacker's computer and then to the router, switch, or
host.
The following shows an example of ARP cache poisoning.
ARP Cache Poisoning
16
322