交换式设备和网络的安全缺陷与改进措施

The Security Defect of Switcher and Network with Improvement Method

详细讨论了ＡＲＰ协议的安全缺陷，讨论了基于ＡＲＰ改向的中间人攻击方式．工作于网络数据链路层的交换设备使得一个节点的主机不能窃听到其它节点主机之间的数据通信从而提高整个数据网络的安全保密性．但基于ＡＲＰ改向的中间人攻击方式可使攻击者窃听到交换设备其它主机的数据，并且由于交换设备的存在，牺牲主机反而不能发现受到攻击．指出了采用静态ＭＡＣ地址方法或采用第三层交换技术的安全改进措施可提高交换设备和网络的安全性．

The security defect of ARP is discussed in detail in this paper. The ARP spoofing can break the communication between two hosts or can makes the communication between two hosts to past to the attacker. Switcher disables a host to monitor communication data between other hosts. But ARP can change the direction of communication and makes the attacker intercept the communication data of the hosts attached on the switcher. The attacked host can not find it has been attacked because of the switcher.It can be used to improve the security of switch network by adopting static MAC address or the switch technology on third layer.