DHCP attack guarding method and customer terminal equipment

A client device and client technology, applied in the network field, can solve problems such as the inability to track and discover DHCP virus sources, the inability to completely prevent DHCP attacks, and the inability to obtain many IP addresses, so as to prevent flooding attacks and prevent IP address rejection attacks. Effect

Active Publication Date: 2009-07-15
NEW H3C TECH CO LTD
View PDF0 Cites 38 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

By limiting the number of access users on the PVC/VLAN, the attacker cannot obtain many IP addresses
[0008] The problem existing in the prior art is that this method passively defends the flooding attack of the DHCP server by the attacker through the switch, and the source of the DHCP virus existing in t...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DHCP attack guarding method and customer terminal equipment
  • DHCP attack guarding method and customer terminal equipment
  • DHCP attack guarding method and customer terminal equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0054] In order to further understand the manner in which the attacker attacks the DHCP server, the format of the DHCP message and the meanings of key fields are firstly introduced in the present invention. DHCP messages are generally encapsulated in UDP protocol packets, and its format is as follows: figure 1 shown. for figure 1 The fields in the shown DHCP message, the important fields related to the DHCP attack are introduced as follows:

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention discloses a DHCP attack protecting method and a client device. In the method and client device provided by the invention, the client can prevent the DHCP attach without the matching of service end device. The method is executed from each client of internal network and ensures that each internal network client is not used as an attack source for attacking the DHCP server. Simultaneously the invention also can be matched with the management server end for inquiring the suspected attack source and processing the attach source according to a corresponding safety processing strategy. The operations of warning, reminding the user for virus killing, etc. can be provided to the user. The DHCP flooding attack is effectively prevented and the IP address attack is refused.

Description

technical field [0001] The invention relates to the field of network technology, in particular to a DHCP attack protection method and a client device. Background technique [0002] Currently, the role of the DHCP (Dynamic Host Configuration Protocol, Dynamic Host Configuration Protocol) protocol is to provide configuration information to Internet hosts in a TCP (Transmission Control Protocol, Transmission Control Protocol) / IP (Internet Protocol, Internet Protocol) network. DHCP adopts the Client / Server (client / server) mode, the client submits a configuration request to the server (including the allocated IP address, subnet mask, default gateway and other parameters), and the server returns the corresponding configuration information according to the policy. [0003] The DHCP protocol generally uses the terminal hardware address to uniquely identify a terminal device, and the hardware address is the MAC (Medium Access Control, Media Access Control) address of the terminal dev...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/00H04L29/06
Inventor 张红霞
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap