DHCP (Dynamic Host Configuration Protocol) anti-attacking method and device

A technology to prevent attacks and attackers, applied in the field of network security, can solve problems such as leaks, equipment cannot access the network normally, and wrong configuration information, etc., to achieve the effect of reducing the possibility

Active Publication Date: 2012-11-28
HANGZHOU DPTECH TECH
View PDF5 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, if there is an illegal DHCP server in the network, it may provide false configuration information. Since the DHCP client does not take any security measures, it is likely to be bound to the wrong configuration information, resulting in the device not being able to access the network normally; it may even lead to risks such as leaks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DHCP (Dynamic Host Configuration Protocol) anti-attacking method and device
  • DHCP (Dynamic Host Configuration Protocol) anti-attacking method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0013] Please refer to figure 1 , generally, the network device that needs to be configured can realize its own configuration by exchanging packets with the DHCP server twice. The network equipment mentioned in the present invention is not narrow switches and routers, but covers all nodes in all networks that need to obtain IP addresses and related network configurations. In the process of interacting with the DHCP server, first, the network device as the DHCP client sends a broadcast DHCP Discover message to the network, carrying a list of configuration information that the DHCP client cares about. The DHCP Offer message is filled with the IP address resources managed by itself and other configuration information, and sent back to the DHCP client in the form of broadcast (in most cases) or unicast (in a few cases).

[0014] Since there may be multiple DHCP servers on the network, the DHCP client may receive multiple DHCP Offer messages. The DHCP client can select a DHCP ser...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a DHCP (Dynamic Host Configuration Protocol) anti-attacking method which is applied to being used as network equipment of a DHCP client. The method comprises the following steps of: A, storing a DHCP Offer message received by the DHCP client and/or information carried by a DHCP ACK (Acknowledgement Character) message, wherein the information at least comprises a source IP (Internet Protocol) address of the message and a server identification; and B, comparing whether the source IP address of the same message is the same as the server identification or not; if not, determining that the message is sent by an attacker. The DHCP anti-attacking method disclosed by the invention can be used for sufficiently utilizing the characteristics of a DHCP interaction process to prevent DHCP attacks and greatly reducing the possibility that the DHCP client is attacked by various means.

Description

technical field [0001] The invention relates to network security technology, in particular to a DHCP attack prevention method and device. Background technique [0002] IP network is currently the most popular network organization method for a long time to come. If all devices in an IP network want to communicate with other devices, they must have a unique identity, that is, an IP address. At present, the methods for configuring IP addresses for devices include self-negotiation of PPP protocol, self-configuration by users, and unified allocation by administrators. However, these configuration methods have a common defect, that is, administrators need to configure for each device. When the network scale is large and the topology is complex, or the network topology changes frequently, or many terminal devices need more startup configuration information, the configuration work of the administrator will be insufficient, so a new terminal device configuration method emerges as th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08H04L29/12
Inventor 余刚
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap