PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP...
Transcript of PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP...
![Page 1: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/1.jpg)
![Page 3: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/3.jpg)
#3
Proxy ARP – a recap
We do not want Proxy ARP on our platform
Security tests
Configuration tests
Light levels
Counters
![Page 4: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/4.jpg)
#4
A
B C
D
E
![Page 5: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/5.jpg)
#5
A
B C
D
E
![Page 6: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/6.jpg)
#6
A
B C
D
E
/
![Page 7: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/7.jpg)
#7
A
B C
D
E
/
![Page 8: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/8.jpg)
#8
A
B C
D
E
/
![Page 9: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/9.jpg)
#9
A
C
D
E
/
B
![Page 10: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/10.jpg)
#10
A
C
D
E
/
B
/
![Page 11: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/11.jpg)
#11
The 2011-08-13 incident:
It was a Saturday.
It was peak time.
It took 3.5 hours to fix
145 customers affected
Up to 45% traffic loss
![Page 12: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/12.jpg)
#12
Countermeasures:
- Regular proactive checks to identify proxy ARP
Additional Countermeasures:
- Vendor implementation: disable default proxy ARP
- Use of dynamic ARP inspection with static bindings
![Page 13: PowerPoint-Präsentation · Proxy between 2 Interfaces with destinations for the ProxyARP 80.81.195.8/22 enabled ARP-Reply I am 80.81.193.E! BLOCK WITHDRAWN 80.81.192.0/ 23 origin](https://reader033.fdocuments.us/reader033/viewer/2022050511/5f9c406d23d423656f0c0a79/html5/thumbnails/13.jpg)
Thank you Join DE-CIX now! DE-CIX Competence Center Lindleystrasse 12 60314 Frankfurt/Germany Phone +49 69 1730 902 - 0 [email protected]
28. November 2011 – DE-CIX Management GmbH #13
DE-CIX Competence Center @ Kontorhaus Building
Frankfurt Osthafen (Docklands)