| ARP协议的攻击与防范 |
| |
| 引用本文: | 李扬继,方勇,兰昆,陈超.ARP协议的攻击与防范[J].兵工自动化,2004,23(4):28-30. |
| |
| 作者姓名: | 李扬继 方勇 兰昆 陈超 |
| |
| 作者单位: | 四川大学,信息安全研究所,四川,成都,610064;四川大学,信息安全研究所,四川,成都,610064;四川大学,信息安全研究所,四川,成都,610064;四川大学,信息安全研究所,四川,成都,610064 |
| |
| 摘 要: | 伪造IP和MAC地址在网络中可实现ARP欺骗,故提出ARP的攻击与防范措施.针对局域网IP地址映像到其它主机的ARP高速缓存不需提供IP与MAC地址真实性检验,而ARP应答又无需认证的缺陷,以IPV4和IPV6防范为例,在通过目标设备的IP地址查询其MAC地址的基础上,建立网络安全信任关系解决ARP欺骗.
|
| 关 键 词: | 地址解析协议 IP地址 MAC地址 局域网 |
| 文章编号: | 1006-1576(2004)04-0028-03 |
| 修稿时间: | 2004年2月16日 |
Attacks and Preventive Measures of ARP |
| |
| LI Yang-ji,FANG Yong,LAN Kun,CHEN Chao.Attacks and Preventive Measures of ARP[J].Ordnance Industry Automation,2004,23(4):28-30. |
| |
| Authors: | LI Yang-ji FANG Yong LAN Kun CHEN Chao |
| |
| Abstract: | ARP spoof can be carried out by the way of forging IP and MAC address. Network facilities must know the 2nd physical address (MAC address) of destination facility which ARP query by IP address, when communicating directly in Ethernet. ARP cache mapped in another host is based on IP address, does not present the reality checking of IP and MAC address, and ARP reply does not need identification. For example as IPV4 and IPV6 preventive, ARP spoof can be radically resolved on the network security relations founded on IP MAC. |
| |
| Keywords: | ARP IP address MAC address Local-area network |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
