摘要
为了防范ARP欺骗攻击,保障校园网网络信息安全,笔者阐述了ARP工作原理,分析了ARP欺骗内网主机、欺骗局域网网关等利用漏洞进行攻击的方式,提出了VLAN隔离端口、IP与MAC地址静态绑定、采用抵御ARP攻击的以太网交换机、用户端主动防御等应对ARP攻击的安全策略与实现方案,并根据校园网目前的实际情况予以实施,在实际管理工作中验证了安全策略的可行性与有效性。
In order to prevent ARP deception attack and safeguard campus network, the paper expounds the working principle of ARP, analyzes the ways for network attack using the ARP agreement loophole, and proposes the related safe strategy and guard measure for ARP attack, such as VLAN port isolate, IP and MAC address static bind setting, using Ethernet switch and active defense of client side.According to the actual situation of the campus network, the feasibility and effectiveness of the security strategy are verified.
出处
《科技创新与生产力》
2017年第2期67-68,73,共3页
Sci-tech Innovation and Productivity
关键词
ARP欺骗攻击
校园网
信息安全
安全策略
ARP deception attack
campus network
information security
security strategy
