RE: computer networking and inter-connectivity Tutorial 2- Network Types, Technologies And Network Security by henrychidiebere

Viewing a response to: @wisdomdavid/computer-networking-and-inter-connectivity-tutorial-2-network-types-technologies-and-network-security

steemstem · @henrychidiebere · Jun 7 '18

I'm so happy seeing guys venture into my domain. I love your work and I would love to ask a question. How do one mitigate IP spoofing attacks based on address resolution protocol impersonation?

properties (22)

@eurogee · Jun 7 '18

We are here to learn and nothing stop us from becoming highly knowledgeable in any particular niche. Had learnt so many things that would not have been possible without steemit.

This your question shows your versed, and I do hope the author @wisdomdavid provides a good answer to this question.

*Oh😱! I see he has "wisdom" to his name. He must be a genius😂*

This article worth consulting by those researching on similar topic.

Regards

@eurogee of @euronation and @steemstem communities

properties (22)

`post_id`	52,082,128
`author`	eurogee
`permlink`	re-henrychidiebere-re-wisdomdavid-201867t152559633z-20180607t150738780z
`category`	steemstem
`json_metadata`	"{"tags": ["steemstem"], "users": ["wisdomdavid", "eurogee", "euronation", "steemstem"], "app": "steemit/0.1"}"
`created`	2018-06-07 15:07:33
`last_update`	2018-06-07 15:07:33
`depth`	2
`children`	1
`net_rshares`	0
`last_payout`	2018-06-14 15:07:33
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 SBD
`curator_payout_value`	0.000 SBD
`pending_payout_value`	0.000 SBD
`promoted`	0.000 SBD
`body_length`	490
`author_reputation`	35,390,678,500,126
`root_title`	"computer networking and inter-connectivity Tutorial 2- Network Types, Technologies And Network Security"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 SBD
`percent_steem_dollars`	10,000

@wisdomdavid · Jun 7 '18

thanks so much for stopping by @eurogee. I do appreciate your presence😄

properties (22)

`post_id`	52,096,682
`author`	wisdomdavid
`permlink`	re-eurogee-re-henrychidiebere-re-wisdomdavid-201867t152559633z-20180607t172038157z
`category`	steemstem
`json_metadata`	"{"app": "steemit/0.1", "tags": ["steemstem"], "users": ["eurogee"]}"
`created`	2018-06-07 17:20:39
`last_update`	2018-06-07 17:20:39
`depth`	3
`children`	0
`net_rshares`	0
`last_payout`	2018-06-14 17:20:39
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 SBD
`curator_payout_value`	0.000 SBD
`pending_payout_value`	0.000 SBD
`promoted`	0.000 SBD
`body_length`	71
`author_reputation`	1,190,023,548,895
`root_title`	"computer networking and inter-connectivity Tutorial 2- Network Types, Technologies And Network Security"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 SBD
`percent_steem_dollars`	10,000

@wisdomdavid · Jun 7 '18

First, there are different techniques used to identify spoofing via arp. Softwares can be implemented  but I will just give a quick info not going too deep. You know that arp works mainly on LAN to request and recognize the mac address and ip address of different host in the same network when sent with respect to the ip address. When an arp request is being sent, the distinct host replies with both the ip address and the MAC address in unicast(one to one) depends though. And all these contains packets that is packaged in a frame that is transmitted in the network. Thus, one solution is implementing Reverse path forwarding. In the place where I work, we make use of Fortigate firewall which perform this aspect of RPF. Fortigate is owned by Fortinet which tries as much to enhance network security on different enterprise. We make use of forti analyzer, forticlient in compliance with fortigate(on an end user computer). Our firewall blocks ip packets from reaching a destination if it does not belong to the routing domain and if its subnet is corresponding our network. Also, since arp is mainly used by switches, security measures can be taken in the area of the switch but that depends on the process you want to use. One is port security on the switch.

👍 henrychidiebere

`post_id`	52,096,320
`author`	wisdomdavid
`permlink`	re-henrychidiebere-re-wisdomdavid-201867t152559633z-20180607t171714571z
`category`	steemstem
`json_metadata`	"{"app": "steemit/0.1", "tags": ["steemstem"]}"
`created`	2018-06-07 17:17:15
`last_update`	2018-06-07 17:17:15
`depth`	2
`children`	3
`net_rshares`	5,070,111,547
`last_payout`	2018-06-14 17:17:15
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 SBD
`curator_payout_value`	0.000 SBD
`pending_payout_value`	0.000 SBD
`promoted`	0.000 SBD
`body_length`	1,264
`author_reputation`	1,190,023,548,895
`root_title`	"computer networking and inter-connectivity Tutorial 2- Network Types, Technologies And Network Security"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 SBD
`percent_steem_dollars`	10,000
`author_curate_reward`	""

properties (23)vote details (1)

voter	weight	wgt%	rshares	pct	time
henrychidiebere	0 B		5,070,111,547	100%

@henrychidiebere · Jun 7 '18

A very nice response but I have a little correction to make, address resolution protocol is used by a host within a LAN to identify the MAC address. Hence, it already knows the IP address, so only the MAC address is returned after a successful ARP. Also you answered my question from a layer 7 perspective but I was expecting you to answer the question from a layer 3 to layer 1 perspective, though your answer is purely valid and helpful. Thanks buddy.

👍 wisdomdavid

`post_id`	52,098,461
`author`	henrychidiebere
`permlink`	re-wisdomdavid-re-henrychidiebere-re-wisdomdavid-201867t152559633z-20180607t173830353z
`category`	steemstem
`json_metadata`	"{"app": "steemit/0.1", "tags": ["steemstem"]}"
`created`	2018-06-07 17:38:18
`last_update`	2018-06-07 17:38:18
`depth`	3
`children`	2
`net_rshares`	1,305,951,808
`last_payout`	2018-06-14 17:38:18
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 SBD
`curator_payout_value`	0.000 SBD
`pending_payout_value`	0.000 SBD
`promoted`	0.000 SBD
`body_length`	453
`author_reputation`	9,143,471,406,700
`root_title`	"computer networking and inter-connectivity Tutorial 2- Network Types, Technologies And Network Security"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 SBD
`percent_steem_dollars`	10,000
`author_curate_reward`	""

properties (23)vote details (1)

voter	weight	wgt%	rshares	pct	time
wisdomdavid	0 B		1,305,951,808	100%

@wisdomdavid · Jun 7 '18 (edited)

Thanks buddy..in my response I quoted "in respect to the ip address".  and to correct you too, In the format of arp, when replying, the ip address and the MAC is sent back to the host together.  if you need the layer 1 to 3, then you can consider..port security, dynamic arp inspection and T-Arp as well. in additiion, fortigate does not only work in layer 7, because its configuration is done exactly like when configuring a router or a switch as it has its own CLI. you can check it out if your are interested

properties (22)

`post_id`	52,101,950
`author`	wisdomdavid
`permlink`	re-henrychidiebere-re-wisdomdavid-re-henrychidiebere-re-wisdomdavid-201867t152559633z-20180607t181211421z
`category`	steemstem
`json_metadata`	"{"app": "steemit/0.1", "tags": ["steemstem"]}"
`created`	2018-06-07 18:12:12
`last_update`	2018-06-07 18:15:42
`depth`	4
`children`	1
`net_rshares`	0
`last_payout`	2018-06-14 18:12:12
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 SBD
`curator_payout_value`	0.000 SBD
`pending_payout_value`	0.000 SBD
`promoted`	0.000 SBD
`body_length`	511
`author_reputation`	1,190,023,548,895
`root_title`	"computer networking and inter-connectivity Tutorial 2- Network Types, Technologies And Network Security"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 SBD
`percent_steem_dollars`	10,000

1 reply