Method and device for preventing IGMP (Internet Group Management Protocol) from being cheated and attacked

Abstract

The invention discloses a method and device for preventing an IGMP (Internet Group Management Protocol) from being cheated and attacked. The method comprises the following steps of: S1: monitoring an IP (Internet Protocol) address requesting process of a DHCP (Dynamic Host Configuration Protocol) host machine by a switchboard and establishing a DHCP binding table which contains a user IP, a MAC (Media Access Control) address, a virtual local area network identification number and receiving port information; S2: monitoring an IGMP message by the switchboard and judging the type of the message; if the message is a common group inquiry message, executing the step S3; if the message is a membership report message, executing the step S4; S3: judging the legality of the message through judging whether the receiving port information is matched with a pre-configured trusted port or not; and S4: judging the legality of the message through judging whether the message information and the information of the DHCP binding table are matched with the threshold value of the number of multicast groups which are allowed to be added by each IP. Through adoption of the method and the device provided by the invention, the problems that the inquiry cheating on the IGMP common group, the cheating on an IGMP source address and the attack against an IGMP member report message are effectively solved; and the method is simple and easy to realize and is good for safe operation of a network.

Description

technical field [0001] The invention relates to the field of computer data communication, in particular to a method and device for preventing IGMP deception and attack. Background technique [0002] With the continuous development of network broadband technology, streaming media data is widely used in many services such as video on demand, online teaching, and online live broadcast due to its intuition, practicality, and interactivity. These services have point-to-multipoint characteristics. For a service mode similar to point-to-multipoint, if a point-to-point unicast mode is used for data transmission, a large amount of network resources will be wasted. In order to save the occupation of network resources, IP multicast technology emerges in due course. Through IP multicast technology, a system can simultaneously send the same data packet to multiple hosts in the same multicast group. IGMP (Internet Group Management Protocol, Internet Group Management Protocol) is a protoc...

AI Technical Summary

Problems solved by technology

If an illegal user forges the IGMP leave message of the host of the IGMP querier, after the host leaves, there will be multicast traffic flowing to the host away from the multicast group, resulting in a waste of bandwidth; if an illegal host forges the source IP to send an IGMP membership report packets, which will increase the CPU load of multicast routers on the network

In addition, even a host with a legal IP may launch an IGMP attack. The host sends a large number of IGMP membership report messages, which increases the CPU burden of the multicast router on the network and occupies a large amount of software and hardware resources.

Images