| 边界网关协议的攻击分析与安全防范 |
| |
| 引用本文: | 蔡昭权. 边界网关协议的攻击分析与安全防范[J]. 计算机工程, 2008, 34(5): 145-147 |
| |
| 作者姓名: | 蔡昭权 |
| |
| 作者单位: | 惠州学院网络中心,惠州,516015 |
| |
| 基金项目: | 惠州市科技计划基金 , 惠州学院校科研和教改项目 |
| |
| 摘 要: | 分析边界网关协议(BGP)当前版本中存在的漏洞和脆弱性,指出可能遭受的基于TCP及自身漏洞的攻击。提出BGP的安全威胁模型和防范策略,以及如何对协议功能进行扩展的措施。以CISCO路由器为例,给出典型的安全防范配置。实践证明,通过访问控制列表、数字签名、路由过滤、源地址检测和协议扩展方案,可以有效提高网络的安全性和稳定性。
|
| 关 键 词: | 路由协议 漏洞 攻击 防范 安全 边界网关协议 |
| 文章编号: | 1000-3428(2008)05-0145-03 |
| 修稿时间: | 2007-10-15 |
Attacks Analysis and Security Precaution of Border Gateway Protocol |
| |
| CAI Zhao-quan. Attacks Analysis and Security Precaution of Border Gateway Protocol[J]. Computer Engineering, 2008, 34(5): 145-147 |
| |
| Authors: | CAI Zhao-quan |
| |
| Affiliation: | (Network Center, Huizhou University, Huizhou 516015) |
| |
| Abstract: | By analyzing the loopholes and weakness in the current version of Border Gateway Protocol(BGP) and noting the potential attacks based on TCP, this paper gives the BGP security threat model and the corresponding preventive strategy, and explains how to extend the functions of the protocol. As an example, a typical security precaution setup of the CISCO routing is illustrated. Practice proves that, network security and stability can be effectively improved through access control lists, digital signature, routing filtering, source address detection and protocol extended function. |
| |
| Keywords: | routing protocol loopholes attack precaution security Border Gateway Protocol(BGP) |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载免费的PDF全文 |
|
