Method and system for defending against address resolution protocol message attacks

A technology for address resolution protocol messages, applied in the field of address resolution protocol, that can solve the problems of inapplicability to user hosts and acquisition, reducing the difficulty of implementation, the upgrade cost and the difficulty of deployment.

Inactive Publication Date: 2009-04-22
NEW H3C TECH CO LTD

AI Technical Summary

Problems solved by technology

[0011] However, both of the above defense schemes share a problem: the access switch and gateway must obtain the above Snooping security entries, 802.1x security entries, leases generated by DHCP servers, or security entries generated by DHCP relay before receiving ARP packets, so the user host must use DHCP or 802.1X authentication to access the Internet. If a user uses a fixed IP address to access the Internet, the access switch and gateway cannot obtain any of the above security entries before receiving the ARP message, so the above two defense schemes cannot be applied to a user host that uses a fixed IP address to access the Internet.
[0012] There are also existing ARP attack defense schemes aimed at hosts that use fixed IP addresses to access the Internet, but they generally require access switch and gateway chips to support new functions and require user hosts to install special client software.



Embodiment Construction

[0032] Usually, in an ARP message used as an attack message, the Sender IP and Sender MAC of the message are forged. This scheme considers intercepting ARP message attacks from the perspective of the Sender MAC address. In a forged ARP packet, the Sender MAC address may be the attacker's MAC address, a random MAC value, or a gateway MAC address. However, using the attacker's own MAC address is equivalent to self-reporting, which is also a security risk for the attacker. Therefore, in most cases, the attacker will not use the local MAC address to construct ARP packets, and the more common attack method is to set the Sender MAC field to a random MAC value or a gateway MAC address when constructing an ARP message, so as to avoid revealing one's own identity.

[0033] For ARP messages whose Sender MAC field is a random MAC value or a gateway MAC address, the basic idea of the defense method proposed by the embodiment of the prese...


Abstract

The invention discloses a method for defending against address resolution protocol message attacks, comprising the following steps: the media access control (MAC) addresses of legal users are configured in advance; the network equipment receives an address resolution protocol (ARP) message from a user; the content of the sender MAC address field is extracted from the received ARP message; it is judged whether the extracted sender MAC address is a MAC address of a legal user configured in advance; if not, the received ARP message is discarded. The invention also discloses a system that can defend against address resolution protocol message attacks. The method and the system are suitable for users of all types and do not require major modification of the network equipment.
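The steps in the abstract, together with the forged Sender MAC cases from paragraph [0032], as an added example that is not code from the patent or from any H3C product. All MAC addresses, IP addresses and function names are constructed for illustration, and the frames are built in memory only as test input for the filter.

```python
import struct

ETHERTYPE_ARP = 0x0806
# Constructed sample values for this example; not taken from the patent.
LEGAL_USER_MACS = {bytes.fromhex("001122334455"), bytes.fromhex("0011223344aa")}
GATEWAY_MAC = bytes.fromhex("00e0fc000001")
RANDOM_MAC = bytes.fromhex("5a9c31d7e204")


def sender_mac(frame):
    """Extract the ARP Sender MAC field; None if the ARP payload is malformed."""
    if len(frame) < 14 + 28:
        return None
    htype, ptype, hlen, plen, _oper = struct.unpack("!HHBBH", frame[14:22])
    # The 6-byte Sender MAC sits at this offset only for Ethernet/IPv4 ARP.
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return frame[22:28]


def verdict(frame, legal_macs=LEGAL_USER_MACS):
    """Return 'pass' (not ARP), 'forward' (legal sender) or 'drop'."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return "pass"  # the check applies to ARP messages only
    mac = sender_mac(frame)
    return "forward" if mac in legal_macs else "drop"


def build_arp(eth_src, sha, spa, tpa):
    """Build a constructed ARP request frame used as filter test input."""
    eth = b"\xff" * 6 + eth_src + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
    return eth + arp + sha + bytes(spa) + b"\x00" * 6 + bytes(tpa)


def demo():
    user = bytes.fromhex("001122334455")
    gw_ip, user_ip = (192, 0, 2, 1), (192, 0, 2, 10)
    frames = {
        "legal user": build_arp(user, user, user_ip, gw_ip),
        "random sender MAC": build_arp(user, RANDOM_MAC, gw_ip, user_ip),
        "gateway sender MAC": build_arp(user, GATEWAY_MAC, gw_ip, user_ip),
    }
    return {name: verdict(f) for name, f in frames.items()}


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The check needs only the pre-configured MAC list, so it applies equally to hosts using DHCP, 802.1X or a fixed IP address, which is the gap paragraph [0011] describes.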

Description

Technical field

[0001] The invention relates to Address Resolution Protocol (ARP) technology, in particular to a method for defending against ARP message attacks and a system for defending against ARP message attacks.

Background technique

[0002] As one of the lower layer protocols in the Transmission Control Protocol / Internet Protocol (TCP/IP) protocol stack, ARP is used to translate an IP address into a data link layer address such as a Media Access Control (MAC) address. Communication between network devices is addressed by MAC address, while the various applications based on TCP/IP are addressed by IP address, and data packets addressed by IP address need to be encapsulated in Ethernet frames addressed by MAC address for transmission. Therefore, when a network device communicates, it needs to know the MAC address of the destination network device. The ARP pro...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/56, H04L45/74
Inventor: 李金平
Owner: NEW H3C TECH CO LTD