| ARP欺骗/MITM攻击在二层交换机上的防范 |
| |
| 引用本文: | 朱凯.ARP欺骗/MITM攻击在二层交换机上的防范[J].网络安全技术与应用,2013(5):68-69,45. |
| |
| 作者姓名: | 朱凯 |
| |
| 作者单位: | 昆明理工大学津桥学院 云南650106 |
| |
| 摘 要: | 本文主要针对目前非常典型的二层攻击和欺骗说明如何在思科交换机上组合运用和部署Dynamic ARP Inspection(DAI)技术,从而实现防止在交换环境中实施"中间人"攻击、地址欺骗等,更具意义的是通过Dynamic ARP Inspection(DAI)技术的部署可以简化地址管理,直接跟踪用户IP和对应的交换机端口;防止IP地址冲突。同时对于大多数对二层网络造成很大危害的具有地址扫描、欺骗等特征的病毒可以有效的报警和隔离。
|
| 关 键 词: | ARP欺骗 MITM攻击 防范 |
ARP spoofing/MITM attack Prevention in the two layer switch |
| |
| Zhu Kai.ARP spoofing/MITM attack Prevention in the two layer switch[J].Net Security Technologies and Application,2013(5):68-69,45. |
| |
| Authors: | Zhu Kai |
| |
| Affiliation: | Zhu Kai Oxbridge College of Kunming University of Science and Technology, Yunnan, 650106, China |
| |
| Abstract: | This paper aiming at the typical two layers of attack and deception explains how to use and deployment of Dynamic ARP Inspection in Cisco switch (DAI) technology, thus preventing the exchange environment in the implementation of the "man in the middle" attack, spoofing, what is more important is through Dynamic ARP Inspection (DAI) technology deployment can simplify address management, user IP and the corresponding direct tracking the switch port to prevent IP address conflict. At the same time with address scanning, deceit and other characteristics for most of the two layer network caused much harm to the virus can effectively alarm and isolation. |
| |
| Keywords: | ARP spoofing MITM attack Guard against |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
