ARP (Address Resolution Protocol) message processing method and device

The ARP message and ARP cache table technology, applied to ARP message processing methods and devices, addresses the inability of existing approaches to defend effectively against ARP message spoofing. Its effects are avoiding ARP message spoofing, ensuring security, and improving user experience.

Active Publication Date: 2012-07-11
BEIJING QIHOO TECH CO LTD

AI Technical Summary

Problems solved by technology

[0010] The technical problem to be solved in this application is to provide an ARP message processing method and device that solve the problem that the existing technology cannot effectively defend against ARP message spoofing and ensure the security of the local area network.


Examples


Embodiment 1

[0042] Refer to Figure 1, which shows a flow chart of the steps of an ARP packet processing method according to Embodiment 1 of the present application.

[0043] The ARP message processing method of the present embodiment comprises the following steps:

[0044] Step S102: Obtain the ARP message, and determine the type of the ARP message.

[0045] Step S104: If the ARP message is a broadcast packet sent by the local machine, determine whether the broadcast packet is an ARP request packet sent by the local machine to the gateway. If so, modify the ARP request packet into an ARP response packet and send the ARP response packet to the gateway; if not, discard the broadcast packet.

[0046] Modifying the ARP request packet into an ARP response packet directs the data packet to the gateway instead of broadcasting it, so that the MAC address of the host cannot be scanned by other hosts and cannot be maliciously impersonated or used; and, modify the ...

Embodiment 2

[0051] Refer to Figure 2, which shows a flow chart of the steps of an ARP packet processing method according to Embodiment 2 of the present application.

[0052] The ARP message processing method of the present embodiment comprises the following steps:

[0053] Step S202: Perform gateway detection to obtain the real gateway MAC address.

[0054] The real gateway MAC address is the basis for normal communication between the host and the gateway, and those skilled in the art can obtain the real gateway MAC address in any appropriate manner during implementation.

[0055] Preferably, in this embodiment, standard ARP data packets are sent to the gateway at different time intervals, so as to determine the real MAC address of the gateway.

[0056] A preferred method of sending standard ARP packets to the gateway at different time intervals is the variable-frequency packet sending method, that is, a standard ARP packet is sent at an interval of T×2^n, where T is a set time constant, gener...

Embodiment 3

[0073] Refer to Figure 3, which shows a flow chart of the steps of an ARP packet processing method according to Embodiment 3 of the present application.

[0074] This embodiment realizes the defense of switch port spoofing on the basis of defending against ARP message spoofing.

[0075] Switch port spoofing refers to spoofing the CAM table in the switch, based on the principle of switch data exchange. Data sniffing and hijacking can be carried out through switch port spoofing. In theory, just as with ARP spoofing, Trojan horses can modify hijacked data to plant malicious code in web pages and steal accounts. P2P tools also use switch port spoofing principles to control LAN network speed, resulting in unbalanced LAN speed distribution and disrupting the LAN environment. At present, in the security field, there is no good technical solution to defend against such attacks. However, this embodiment adopts the stealth technology of the local area network and the active defense technology of the switch, so a...


Abstract

The invention provides an ARP (Address Resolution Protocol) message processing method and device. The ARP message processing method comprises the following steps: acquiring an ARP message; determining the type of the ARP message; and processing the ARP message according to its type. If the ARP message is a broadcast packet sent by the local machine, it is determined whether the broadcast packet is an ARP broadcast packet sent by the local machine to the gateway; if it is, the ARP request is modified into an ARP response packet and the ARP response packet is sent to the gateway; if it is not, the broadcast packet is discarded. If the ARP message is an ARP response packet, it is determined whether the ARP response packet is one sent by the local machine to the gateway; if it is, the ARP response packet is sent to the gateway; if it is not, the ARP response packet is discarded. Through the invention, defense against ARP message spoofing is realized without affecting network access, and the security of the local area network is guaranteed.
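The decision flow in the abstract, as an added example that is not code from the patent or its applicant: a filter over raw Ethernet/ARP frames leaving the local machine. The function names, the verdict strings, the sample addresses, and the "unhandled" verdict for cases the abstract does not describe are assumptions of this sketch.

```python
import socket
import struct

# Ethernet II header followed by an IPv4-over-Ethernet ARP body (42 bytes).
ETH_ARP = struct.Struct("!6s6sHHHBBH6s4s6s4s")
BROADCAST = b"\xff" * 6
ARP_REQUEST, ARP_REPLY = 1, 2

def build(dst, src, op, sha, spa, tha, tpa):
    """Pack one ARP frame (EtherType 0x0806, Ethernet/IPv4)."""
    return ETH_ARP.pack(dst, src, 0x0806, 1, 0x0800, 6, 4, op, sha, spa, tha, tpa)

def process_outbound(frame, local_mac, gw_mac, gw_ip):
    """Return (verdict, frame_to_send) for a frame leaving the local machine."""
    if len(frame) < ETH_ARP.size:
        return "unhandled", frame
    dst, src, etype, _, _, _, _, op, sha, spa, tha, tpa = ETH_ARP.unpack(frame[:ETH_ARP.size])
    if etype != 0x0806 or src != local_mac:
        return "unhandled", frame            # not an ARP message sent by the local machine
    if dst == BROADCAST:
        if op == ARP_REQUEST and tpa == gw_ip:
            # Request for the gateway: re-send as a unicast response to the gateway.
            return "rewrite", build(gw_mac, local_mac, ARP_REPLY, local_mac, spa, gw_mac, gw_ip)
        return "drop", None                  # any other broadcast is discarded
    if op == ARP_REPLY:
        if dst == gw_mac and tpa == gw_ip:
            return "pass", frame             # response addressed to the gateway
        return "drop", None                  # response to any other host
    return "unhandled", frame                # case the abstract does not describe

# Constructed sample addresses (documentation IP range, locally administered MACs).
LOCAL_MAC, GW_MAC, PEER_MAC = (bytes.fromhex(m) for m in ("02000000000a", "020000000001", "020000000014"))
LOCAL_IP, GW_IP, PEER_IP = (socket.inet_aton(a) for a in ("192.0.2.10", "192.0.2.1", "192.0.2.20"))

def demo():
    """Run the filter over four constructed frames, one per branch of the abstract."""
    zero = b"\x00" * 6
    samples = {
        "request_gateway": build(BROADCAST, LOCAL_MAC, ARP_REQUEST, LOCAL_MAC, LOCAL_IP, zero, GW_IP),
        "request_peer": build(BROADCAST, LOCAL_MAC, ARP_REQUEST, LOCAL_MAC, LOCAL_IP, zero, PEER_IP),
        "reply_gateway": build(GW_MAC, LOCAL_MAC, ARP_REPLY, LOCAL_MAC, LOCAL_IP, GW_MAC, GW_IP),
        "reply_peer": build(PEER_MAC, LOCAL_MAC, ARP_REPLY, LOCAL_MAC, LOCAL_IP, PEER_MAC, PEER_IP),
    }
    return {name: process_outbound(f, LOCAL_MAC, GW_MAC, GW_IP) for name, f in samples.items()}

if __name__ == "__main__":
    for name, (verdict, out) in demo().items():
        print(name, verdict, out.hex() if out else "-")
```

The rewritten frame carries the gateway's MAC as its Ethernet destination, so `gw_mac` must be the real gateway MAC address that Embodiment 2 obtains through gateway detection.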

Description

Technical field

[0001] The present application relates to the field of network technologies, in particular to an ARP (Address Resolution Protocol) message processing method and device.

Background technique

[0002] The ARP protocol is one of the lower-layer protocols in the TCP/IP (Transmission Control Protocol/Internet Protocol) protocol stack, and performs IP address to MAC (Media Access Control) address translation.

[0003] The ARP protocol queries the MAC address of the target device through the IP address of the target device to ensure smooth communication. In a LAN, network data is encapsulated into Ethernet frames, and each frame of data contains the MAC address of the target host. If a host wants to communicate directly with another host, it must know the MAC address of the target host, which is obtained through the ARP protocol. The address resolution process is the process in which the host converts the target IP address into the target MAC address before sendin...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/56, H04L29/06, H04L29/12
Inventor: 丁振边陆向明
Owner: BEIJING QIHOO TECH CO LTD