|
|
伴随着计算机网络的普及和通讯技术的迅猛发展,网络信息已逐步成为当今社会发展的重要资源。网络互连一般采用 TCP/IP 协议,由于网络及其协议的设计者,在设计之初只考虑了效率问题没有考虑网络安全的问题,所以几乎所有的网络协议都有漏洞,ARP 协议同样也存在着安全漏洞。ARP 攻击在现今的网络中频频出现,轻者造成网络性能下降,重者造成网络不通或信息被盗。因此有效的防范 ARP 形式的网络攻击己成为确保网络畅通安全的必要条件。
本文研究了关于ARP协议;阐述针对ARP协议的攻击方式;针对这些攻击方式,如何做出防御;在攻击发生时,能够将此次攻击进行有效的检测,并对此次攻击进行判定,做出合理的防御措施。其次针对局域网中出现的 ARP 欺骗的攻击方式进行有针对性的分析,使用抓包工具截获攻击包后进行相关研究,并制定出防御局域网中出现的ARP欺骗的方法,同时对该方法进行适当改进以提高防御效率。
关键词:ARP协议;ARP病毒;检测;定位;防范
Abstract
With the popularization of computer network and the rapid development of communication technology, network information has gradually become an important resource of social development. Network interconnection generally adopts TCP/IP protocol, because of the designer of network and its protocol. At the beginning of the design, we only considered the problem of efficiency and did not consider the problem of network security, so almost all network protocols have vulnerabilities and ARP protocols also have security vulnerabilities. ARP attacks appear frequently in today's networks. The light person causes the network performance to degrade, the heavy one causes the network to be blocked or the information is stolen. Therefore, the effective protection against the network attack in the form of ARP has become a guarantee The necessary condition of network smooth security.
This paper studies the ARP protocol, expounds the attack methods against the ARP protocol, how to defend against these attack methods, can detect the attack effectively when the attack occurs, and determines the attack. To make reasonable defense measures. Secondly, aiming at the attack mode of ARP spoofing in LAN, using the capture tool to intercept the attack packet to carry on the related research. The method of defending ARP spoofing in LAN is worked out, and the method is improved to improve the defense efficiency.
Keywords: ARP protocol: ARP virus; Detection; Localization; Prevention
目 录
