| ARP欺骗攻击及其防范 |
| |
| 引用本文: | 邓清华,陈松乔.ARP欺骗攻击及其防范[J].微机发展,2004,14(8):126-128. |
| |
| 作者姓名: | 邓清华 陈松乔 |
| |
| 作者单位: | 中南大学信息科学与工程学院,中南大学信息科学与工程学院 湖南长沙410083,湖南长沙410083 |
| |
| 摘 要: | 网络欺骗攻击作为一种非常专业化的攻击手段,给网络安全管理者带来了严峻的考验。文中探讨了ARP欺骗这一典型的欺骗攻击类型。通过分析ARP协议的工作原理,讨论了ARP协议从IP地址到物理地址解析过程中存在的安全隐患,给出了同一网段和跨网段ARP欺骗的实现过程,并针对如何应对黑客实施此类攻击,提出了设置静态ARP表,利用ARPWATCH工具进行跟踪和传输加密的防范方法。结果证明,静态ARP表能忽略执行欺骗行为的ARP应答,ARP WATCH能有效追踪攻击者来源,传输加密能防止敏感信息泄漏,以上方法均能达到防范ARP欺骗攻击的目的。
|
| 关 键 词: | 网络安全 ARP欺骗 静态ARP表 传输加密 |
| 文章编号: | 1005-3751(2004)08-0126-03 |
| 修稿时间: | 2003年12月3日 |
ARP Spoofing and Countermeasures |
| |
| DENG Qing-hua,CHEN Song-qiao.ARP Spoofing and Countermeasures[J].Microcomputer Development,2004,14(8):126-128. |
| |
| Authors: | DENG Qing-hua CHEN Song-qiao |
| |
| Abstract: | As a professional attacking method,network spoofing gives austere challenge to the network administrator.Here,study ARP Spoofing.By analyzing the working principle of ARP protocol,discuss the security vulnerability existing in the process of mapping IP address to MAC address,give out the accomplishment of ARP Spoofing in internal network and external network,and propose the countermeasures like Static ARP Table,ARPWATCH and Transmission Encryption in order to protect against hacker attack.The result proves that Static ARP Table can overlook ARP response, ARPWATCH can trace the source of the hackers,Transmission Encryption can prevent secret information discovering,all of these ways can reach the purpose of preventing ARP Spoofing. |
| |
| Keywords: | network security ARP spoofing static ARP table transmission encryption |
| 本文献已被 CNKI 维普 等数据库收录! |
|
