Abstract
The Internet grew out of a friendly, trusting and open environment, and the implementations of its protocols carry inherent flaws. A clear grasp of the low-level principles of network interconnection and communication is the foundation of, and the key to, network security research. Starting from how the ARP protocol works in Ethernet communication, this paper first presents the principles and implementation of ARP-based active host detection on a LAN and of a LAN IP protection scheme that binds IP addresses to MAC addresses. It then analyzes the weaknesses of the ARP protocol and the ARP spoofing that arises from them, applies that spoofing to a switched network environment, and implements network monitoring in a switched environment by means of bridging. Finally, it gives methods for detecting and defending against this spoofing, together with a corresponding implemented system.
Source
Modern Computer (《现代计算机》)
2004, No. 2, pp. 37-41, 55 (6 pages in total)
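Funding
This research was supported by the Jiangsu Province applied research foundation project (BJ000002), the Ministry of Education "Trans-Century Excellent Talents Training Program" fund, and the "Jiangsu Provincial Key Laboratory of Network and Information Security".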