Method and device for detecting ARP message validity

A technology of ARP message and legality, applied in the direction of digital transmission system, electrical components, transmission system, etc., can solve problems such as network interruption, abnormality, and ARP message cannot be processed, and achieve the effect of reducing the possibility

Inactive Publication Date: 2009-12-23
NEW H3C TECH CO LTD
View PDF0 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the limited resources of the gateway device, when the CPU of the gateway device processes the above-mentioned ARP packets, a large number of normal ARP packets will not be processed, causing network interruption and abnormality.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting ARP message validity
  • Method and device for detecting ARP message validity
  • Method and device for detecting ARP message validity

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] The present invention provides a method for detecting the legitimacy of an ARP message. The core idea is to check the consistency of the reverse path of the sender's IP address on the received ARP message, and identify the ARP message by the gateway device. The IP address of the sender in the text is the destination address to search the routing table to obtain the corresponding outgoing interface information, and compare the outgoing interface information in the routing table with the incoming interface information of the ARP message. If the comparison result is inconsistent, it is judged to receive The received ARP message is an ARP attack message, and abnormal processing such as filtering is performed on the message; if the comparison result is consistent, it is judged that the received ARP message is a normal ARP message, and the message is forwarded Wait for normal processing.

[0039] The technical solutions of the present invention will be clearly and completely ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a device for detecting ARP message validity, which is applied in a system including a gateway device. The method comprises the following steps: the gateway device receives the ARP message and judges whether an inlet interface of the ARP message is a three-layer interface or not; if so, then the gateway device extracts a transmitting terminal internet protocol IP address in the ARP message and implements route searching by taking the transmitting terminal IP address in the ARP message as a target address to obtain the information of a corresponding outlet interface; when the obtained information of the outlet interface is consistent with the information of the inlet interface of the received ARP message, the ARP message is a valid ARP message; when the obtained information of the outlet interface is inconsistent with the received information of the inlet interface of the ARP message, the ARP message is an attack message. The method and the device for detecting ARP message validity realize the detection on invalid ARP messages.

Description

technical field [0001] The invention relates to the technical field of communication, in particular to a method and a device for detecting the legality of an address resolution protocol ARP message. Background technique [0002] In the current network technology, the damage to the network presents a diversified development, and the attack on the reliability and security of the network is one of them. Devices in the network are destroyed or changed in configuration, disrupting the normal communication of the network, and even causing the network to be paralyzed. Among them, the attack on Ethernet is a common way of this kind of attack. [0003] In Ethernet, IP (Internet Protocol, Internet Protocol) devices need to communicate with each other. The source IP device that initiates communication needs to obtain the MAC (Media Access Control, Media Access Control) address of the target IP device. The actual transmission between IP devices Frame data, the frame data includes the M...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/56
Inventor 汪洪远
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap