摘要
地址解析协议(ARP)在局域网中实现IP地址到网络接口地址(MAC)的映射功能,攻击者利用ARP协议的安全缺陷,在主机和网关之间实施ARP攻击,导致网络通信中断等后果。针对此类攻击提出防范方案,通过IP地址与交换机端口绑定,以使用静态ARP表或者定期更行正确的IP-MAC映射表等方法,可有效防御此类攻击发生。
ARP is primarily used to translate IP addresses to Ethemet MAC addresses in LAN. The hacker implements ARP attack between host computer and gateway with security defects of the ARP protocol, which resuits in breaking off of network communication. The defense and solutions are presented to prevent that hap- pening effectively, such as binding IP address and switching port, updating correct IP- MAC mapping table regularly.
关键词
地址解析协议
AARP欺骗
局域网
address resolution protocol
ARP spoofing
local area network