Test whether subnet isolation ARP works.

Source: Internet
Author: User

From: network security technology blog

Today, I updated my article and had a holiday with hoho. "" We found that many VPS used subnet isolation during previous penetration. So I want to test whether subnet isolation can completely solve ARP IN A CIDR block.

The effect of slice is gateway isolation. Let's test that, since it is subnet isolation, we can modify the subnet and gateway.

After the modification, We will scan the entire network segment.

We can see that the entire network segment has been scanned, And the MAC address is also different. This shows that the effect has been achieved. To be more authentic, we use an illegal site for testing.

This is the SF station.

This kind of subnet isolation has been broken through, which indicates that subnet isolation is not a good method.

To prevent arp attacks, we recommend that you use a VLAN or bind a MAC address.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.