Six security problems of industrial switches-深圳市力必拓科技

Your location：Home>News update>Corporate news

Six security problems of industrial switches

　　Industrial switch is a kind of efficient local area network, it is an important part of modern industrial automation production system, whether it is sensor data transmission, or production equipment control and so on, these need Ethernet to constitute the basic control network. This is one of the important reasons why industrial switch is used more and more widely in automated production.

　　Bandwidth support for increasingly rich broadband applications; Data centralization of large financial institutions; Enterprise core business, ERP, CRM and other complex application expansion. Today, the mainstream structure, where gigabit is the backbone and gigabit is the access structure, will gradually transition to a structure where gigabit is the backbone and gigabit is the access structure.

　　Along with the rapid popularity of industrial switches, its security issues are also increasingly concerned. At present, we should deal with the following aspects:

　　1.Six security problems of industrial switches

　　(1) Broadcast storm attack

　　Users can transmit high-traffic broadcast data, multicast data, or unicast data whose destination MAC address is randomly constructed. When the switch receives such information, it sends it in the form of broadcast. If the switch is not compatible with the flow control of the flood database, the bandwidth of the network may be filled with such invalid data. Other users on the network cannot access the Internet properly.

　　(2) Data information attacks the network

A malicious user can send heavy traffic to the router through the industrial switch, which consumes most of the bandwidth of the uplink interface. As a result, other customers are slow to access the Internet.

　　Therefore, the switch needs to limit the inbound direction speed of each port. Otherwise, a malicious user can attack his network and affect every other customer on the network.

　　(3) Massive MAC address attack

　　Industrial switches use MAC addresses as indexes when sending data. If the destination MAC address of a datagram is unknown, the packet is sent on the network in flood mode. Industrial switches need to learn MAC addresses constantly, and the MAC address table capacity of switches is limited. When the MAC address table of switches is full, the original MAC addresses will be covered by the newly learned MAC addresses. In this way, when receiving the information sent by routers to normal customers, the MAC address records of the customers cannot be found. In turn, it will be sent in the form of flooding across the network, which reduces the network's sending performance.

　　(4) MAC spoofing attacks

　　In order to crash the network, a malicious user can change his MAC address to the MAC address of the router (called Mac-X) and send it to the switch continuously (it does not require a lot of traffic, one per second is sufficient). In this way, the switch updates the record of Mac-X, thinking that it is on the port connected to the malicious client. In this case, when other users have data to send to the router, the switch will send this information to the malicious customer, so that the customer who sent the normal database can not access the Internet properly (similarly, every customer in the network can not access the Internet). The switch must have the MAC binding function (that is, the MAC address of the router must be statically configured on the switch). Otherwise, malicious users can simply crash the network. Or the switch needs to bind the source MAC address of each port allowed to access the network database, so that malicious customers cannot attack the network through MAC spoofing.

　　(5) ARP spoofing attack

　　No matter which IP address the ARP request is received, the system immediately sends an ARP reply. If the received ARP request, ARP reply, and port data are different from the bound IP address, the system discards the ARP request, ARP reply, and port data. Otherwise, the network crashes.

　　(6) Ring attack

　　Users also install a network switch in their homes, and deliberately connect both ends of a network cable to the network switch to form a loop line, and then use the network cable to connect the network switch to the switches in the network. As loop lines exist in all networks, the learning of MAC addresses in the network will be disrupted, and errors will occur when the network switch forwards data. The entire network would be paralyzed.

　　The above is about the "industrial switch six security issues" all the content, thank you for reading, I hope to help you.

Use of industrial switches in smart grid power systems

Can industrial routers be used at home?

Six security problems of industrial switches

相关内容

Enterprise dynamics Corporate news

Features and utility of industrial switches

I. Characteristics of industrial switches:1, excellent temperature) characteristics industrial switch can be in -40℃-- 75℃ temperature range of all normal work, and commercial products only work in 0℃-- 50℃ range, can not meet the requirements of the work on the spot. 2, anti-strong influence characteristics of the network switch can work in strict magnetic induction ring (circular magnetic field) environment, and in the data information port lightning protection, rapid monopulse group, electrostatic induction (is a static mode of positive charge

What is an industrial switch and what are its functions?

In everyone's eyes, but most people are or are very strange to this kind of professional terms, often some people will ask what is industrial network switch, and what are the differences with commercial service network switch.

What are the advantages of 5g routers?

5G industrial router plays a vital role in industrial application scenarios, and is an important network foundation for the normal operation and work of the industrial Internet of Things. So what are the advantages of the 5g router? Here is a brief introduction. 1. What are the advantages of 5g router? 1. [Support multiple network protocols] Support APN networking, multiple VPN networking, VLAN network, WiFi relay/client network, Layer 2 and Layer 3 protocol networking, etc., and support TCP/

Features of Layer 2 and Layer 3 Industrial Switches

Layer 2 industrial switch: The Layer 2 industrial switch works at the Layer 2 (data link layer) of the OSI model, identifies the MAC address information in the data packet, forwards it according to the MAC address, and records these MAC addresses and corresponding ports in its own internal address table. Therefore, layer 2 industrial switches need powerful data identification and forwarding capabilities. Characteristics of Layer 1, Layer 2, and Layer 3 Industrial Switches Layer 2 industrial switches rely on information in the link layer (such as

Difference between industrial router and industrial switch

Now is the information age, with the progress of science and technology, Internet technology has become an indispensable part of people's lives. Computer networks are often interconnected by many different types of networks. If several computer networks are only physically connected and there is no communication between them, then this "interconnection" has no practical significance. Therefore, when we talk about "interconnection", we have implied that these interconnected computers can communicate.

What is the difference between a Gigabit router and an Ethernet switch?

Gigabit routers and Gigabit Ethernet switches play an important role at the edge of the network. What is the difference between a Gigabit router and an Ethernet switch? Which one suits you better? Let's first look at the basics of Gigabit Ethernet and Ethernet switches, then we'll compare the two types of Ethernet switches to help you make a viable decision. First, what is the difference between a gigabit router and an Ethernet switch? Ethernet is called the more primitive Ethernet.

SHENZHEN LIPITON TECHNOLOGY CO., LTD.

Set R & D, production, sales as one of the national high-tech enterprises, the industry's leading Internet of Things and data application service provider.

1.Six security problems of industrial switches

相关内容