基于ARP协议的攻击原理分析

The Analysis of Network Attacks Based on ARP

文章详细介绍了ARP协议的功能、分组格式和工作原理,分析了当前ARP协议所存在的安全性问题。重点讨论了利用ARP协议自身的安全缺陷进行网络攻击的多种实现方法以及这些攻击所带来的危害,其中包含了简单的IP地址冲突、窜改ARP缓冲等攻击方法和较为复杂的交换网络下的嗅探、截获连接、广泛的DoS等。最后,结合实际管理,给出了一些有效的安全防范措施并简单说明了它们的优缺点。

This paper gives an introduction to the functions, packet format and working theory of the ARP (Address Resolution Protocol) and analyses the security vulnerabilities that exist in the ARP. We emphatically discuss the implements and disserves of several network attacks that are based upon the security vulnerabilities of ARP, such as IP address conflict, alter ARP Cache, sniffer in a switch network environment, intercept connections and DoS (Deny of Service). At last, according to our daily managements, we present some countermeasures against these attacks and explain their advantages and disadvantages of these countermeasures.