Unlock instant, AI-driven research and patent intelligence for your innovation.

A method, system and router for coordinated prevention from address parsing protocol attack

An address resolution protocol and router technology, applied in the field of linkage against ARP attacks, can solve the problems of heavy configuration workload, large collection workload, cumbersome static ARP binding operation, etc., to prevent ARP attacks and solve the problem of inflexible manual configuration. Effect

Active Publication Date: 2010-07-28
BEIJING ZHIGU TECH SERVICE
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the above solutions, the static ARP binding operation is very cumbersome and needs to be configured on the gateway and all clients (PCs). The configuration workload is heavy and inflexible
Configuring the binding port, IP and MAC on the switch is a better solution, but manual configuration also has the disadvantages of heavy configuration workload and inflexibility. In the prior art, it is necessary to manually collect the correct three-element mapping relationship, because usually There are many switches and hosts, and there is a problem of heavy collection workload. Moreover, if the host changes the network card or switch port, it needs to manually configure the corresponding switch, which is very inflexible in use.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method, system and router for coordinated prevention from address parsing protocol attack
  • A method, system and router for coordinated prevention from address parsing protocol attack
  • A method, system and router for coordinated prevention from address parsing protocol attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described in detail as follows:

[0022] Figure 1-Figure 3 Be the network architecture of this embodiment, wherein figure 1 It is the complete network architecture of this embodiment. In this embodiment, the three-element binding is configured on the device closest to the host (PC), namely figure 1 Layer 2 switches in figure 1 The layer-3 switches in the network only provide transparent data paths, at this time you can use image 3 logical network architecture to represent figure 1 . when figure 1 When the Layer 2 switch in does not have the three-element binding function, this embodiment figure 1 The three-element binding is implemented on the three-layer switch in the figure 2 logical network architecture to represent figure 1 .

[0023] Figure 4 It is a schematic structural diagram of the linkage against ARP attack system in this embodiment. As shown in ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an anti-ARP attack method, a system and a router thereof. The method includes the following steps: the router generates a first mapping relationship which is the mapping relationship among a switch port, an IP address of a host computer connected with the switch port and an MAC address of the host computer; the router sends the first mapping relationship to a switch; the switch receives the first mapping relationship; the switch binds the IP address and the MAC address of the host computer connected with the switch port to the switch port according to the received firstmapping relationship. The router of the invention can automatically generate the three-element mapping relationship and inform the switch of the generated three-element mapping relationship automatically so that automatic three-element binding can be realized on the switch, thus saving heavy workload for manual configuration.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a method, system and router for jointly resisting ARP (Address Resolution Protocol: Address Resolution Protocol) attacks. Background technique [0002] An ARP attack mainly refers to setting the source IP and source MAC (Media Access Control: Media Access Control) to a spoofed value or a random value in the ARP request or response message sent by a deceptive host to achieve the purpose of deceiving other hosts, including only Modify the source IP address, only modify the source MAC address, and modify the source IP and source MAC at the same time to achieve the purpose of blocking other hosts from accessing the Internet or acting as a middleman for other hosts. [0003] As shown in Figure 1, PC1 is the attacking host, PC2 is the impersonated host, and PC4 is the deceived host. The IP address and MAC address of the router are IP0 and MAC0 respectively, the IP add...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/56H04L29/06H04L45/60
Inventor 蔡胜丁金生王金
Owner BEIJING ZHIGU TECH SERVICE