|
内网ARP攻击的解决办法: 在三层交换机(以HUAWEI举例)上使用命令: [HW-S5720]dis logbuffer 查询得到如下信息:Detected an IP address collision. (IpAddress=103.210.8.210, LocalMacAddress=cc53-b5ee-2d6b, LocalInterfaceName=GigabitEthernet0/0/31, LocalVlanId=72, ReceiveMacAddress=008c-fa86-ce90, ReceiveInterfaceName=GigabitEthernet0/0/18, ReceiveVlanId=72) 说明:检测到IP冲突,两个MAC解析同一个IP地址,先核实正确MAC,然后一步一步查询错误的MAC如:008c-fa86-ce90在哪台机器,关闭其端口即可。 用MAC追踪机器的具体方法如下(三层HUAWEI,二层思科): [Huawei]dis mac-address 008c-fa86-ce90 MAC address table of slot 0: ------------------------------------------------------------------------------- MAC Address VLAN/ PEVLAN CEVLAN Port Type LSP/LSR-ID VSI/SI MAC-Tunnel ------------------------------------------------------------------------------- 008c-fa86-ce90 72 - - GE0/0/18 dynamic 0/- CISCO#show mac address-table address 008c.fa86.ce90 Unicast Entries vlan mac address type protocols port -------+---------------+--------+---------------------+-------------------- 1845 008c.fa86.ce90 dynamic ip GigabitEthernet1/9
| 
发表于 2020-5-19 14:33:33
