A kind of dhcp network protection system and method

A protection system and network technology, applied in the network field, can solve problems such as imperfection and DHCP attacks, and achieve the effect of improving accuracy and efficiency and reducing pressure

Active Publication Date: 2018-04-06
广东网安科技有限公司
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Although the emergence of DHCP Snooping can solve some of the problems of DHCP attacks, there are still imperfections here. The DHCP client at the terminal can also initiate forged multiple or a large number of DHCP request packets to the DHCP server in a seemingly legitimate way. The way to request to IP

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A kind of dhcp network protection system and method
  • A kind of dhcp network protection system and method
  • A kind of dhcp network protection system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] Embodiments of the present invention are described below through specific examples, and those skilled in the art can easily understand other advantages and effects of the present invention from the content disclosed in this specification. The present invention can also be implemented or applied through other different specific implementation modes, and various modifications or changes can be made to the details in this specification based on different viewpoints and applications without departing from the spirit of the present invention. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined with each other.

[0030] see figure 1 , the present invention provides a DHCP network protection system 1, which is connected to at least one client terminal device through at least one network node device, and the DHCP network protection system 1 includes:

[0031] The DHCP relay agent in...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a DHCP network protection system and method. The DHCP relay agent information module performs message processing on the DHCP request message of the client terminal equipment, so as to add the location information of the connection intermediate network node equipment to the DHCP relay agent. In the proxy information string information, the DHCP monitoring module receives the DHCP request message added with the DHCP relay agent information string information to generate a corresponding DHCP binding table for locating the network attack source, and the DHCP monitoring module also presets the rate Restriction, can accurately determine and locate the source of network attacks, improve the accuracy and efficiency of DHCP network security protection, and the DHCP relay agent information module and DHCP monitoring module are separated and run on different boards, reducing the number of modules running on the same board. This reduces the pressure of processing a large number of packets, and makes the upstream DHCP request packet carry more information to identify the source of the request packet.

Description

technical field [0001] The invention relates to the field of network technology, in particular to a DHCP network protection system and method. Background technique [0002] In a data communication network, DHCP is widely used as an important way to obtain an IP address. However, due to the limitations of the DHCP operating mechanism, the DHCP server and the DHCP client have no authentication mechanism, so they are vulnerable to attacks during a complete DHCP request to obtain an IP address. For the way of attack, one is to access an illegal DHCP server on the uplink port, and assign an illegal IP to the DHCP client; The allocated IP address segments are exhausted, causing normal DHCP clients to fail to request IP addresses. [0003] The DHCP snooping technology was created to solve the DHCP security problem. The DHCP snooping mechanism filters abnormal DHCP request information by establishing and maintaining a normal DHCP binding table. At this stage, network devices that...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
Inventor 蔡伟
Owner 广东网安科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products