DHCP monitoring method and apparatus thereof

A monitoring method and technology of a monitoring device are applied in the field of communication networks and can solve problems such as inability to understand attacker information.

Inactive Publication Date: 2009-11-25
HUAWEI TECH CO LTD
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] The DHCP Snooping solution solves the security problem of DHCP, but this solution only simply discards the attacker's packets, and it is impossible to learn any information about the attacker through this solution

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DHCP monitoring method and apparatus thereof
  • DHCP monitoring method and apparatus thereof
  • DHCP monitoring method and apparatus thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 3

[0043] On the basis of embodiment one or embodiment two, after establishing the DHCP blacklist binding table and recording its hit frequency information, the monitoring method of the present invention can also be further improved, as image 3 Embodiment 3 of the monitoring method of the present invention is shown, including the following steps:

[0044] Step S3001: Receive a subsequent user message and judge whether it matches the DHCP binding table, if the judgment result is no, send a DHCPNAK message to the user in the same way as the DHCP server, otherwise, execute step S3002.

[0045] Step S3002: Determine whether the DHCP binding table hit by the user message is a DHCP blacklist binding table, if the judgment result is no, forward the user message according to the prior art, otherwise, execute step S3003.

[0046] Step S3003: Process the user message according to a predetermined configuration policy.

[0047] When the received user message cannot hit the DHCP binding tab...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a DHCP monitoring method. When the received user message fails to hit the DHCP binding table, a DHCP blacklist binding table is established, and the frequency information of the DHCP blacklist binding table being hit is recorded, so as to achieve tracking attacker's purpose. The invention also discloses a DHCP monitoring device. Through the invention, the attacker's attack behavior can be tracked and necessary information can be obtained, which is convenient for the network administrator to analyze.

Description

technical field [0001] The invention relates to the technical field of communication networks, in particular to a DHCP monitoring method and a device thereof. Background technique [0002] With the expansion of network scale and the improvement of network complexity, Dynamic Host Configuration Protocol (DynamicHost Configuration Protocol, DHCP) has been widely used. However, the DHCP protocol encounters many security problems in the application process. The main means for attackers to use DHCP to attack include the following two: [0003] 1) IP / MAC spoofing attack: the attacker sends a message with its own MAC and victim IP to the gateway router (including an IP message and a binding table to an Address Resolution Protocol (Address Resolution Protocol, ARP) message, etc.), Let the gateway router learn the binding relationship between the victim's IP and its own MAC address, then all subsequent packets arriving at the victim will be forwarded to the attacker. [0004] 2) Ma...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/00H04L12/56H04L29/02
CPCH04L63/1408H04L61/2015H04L61/5014
Inventor 谭学飞
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products