Sets the yundun firewall ARP protection function to defend against P2P Terminator

Many users may have misunderstandings when using the WAF's ARP protection function. In the afternoon, they are free to test the ARP protection function in the company's local network. The diagram is as follows, hoping to help some users!

Let's talk about ARP protection principles:

1. Point-to-Point attacks: the other Party sends an ARP attack packet to you. Such a firewall will intercept the packets.

2. it's still a point-to-point attack. It's just a change to the attack's target image. It's a gateway attack that notifies the gateway of "What is your MAC". Of course, it tells the gateway that the MAC is wrong, therefore, the communication between you and the gateway is disconnected. The firewall cannot receive this attack by default, so it cannot be intercepted. However, the arpfirewall feature adds the "enable active defense" function to combat this function. The other party tells the gateway the wrong address, and the IOT platform tells the gateway the correct address.

Plain text:

Install the Skiller software on the company's LAN server. Open the Skiller software interface as follows (click "scan network" to obtain the list of LAN online hosts)

Select 192.168.1.7 (my own computer) to attack my computer, for example:

Okay. After the attack started, my computer's firewall did not select the "enable active defense" function. The result is as follows: Ping the gateway first. If yes, open a website and try again, baidu.com cannot be opened. Dizzy. The attack is successful. For example:

Okay, let's try the active defense function. The result is as follows: after the "active defense" function is enabled, the website can be opened, the speed is a little slower than when there is no attack at ordinary times, but the website can be browsed normally, such:

An ARP attack is done in this way.