Achieving method and device for preventing replay attack

An implementation method and replay-attack technology, applied in the field of communication, that can solve problems such as route oscillation, route unreachability and traffic interruption, with the effect of avoiding re-downloading of routes, avoiding strain on bandwidth resources and avoiding route unreachability.

Inactive Publication Date: 2014-06-11
NEW H3C TECH CO LTD
3 Cites, 7 Cited by

AI Technical Summary

Problems solved by technology

[0004] Specifically:
(1) Before the network devices establish a neighbor relationship, the attacker intercepts a Hello packet. After the neighbor relationship has been established, the attacker sends the previously intercepted Hello packet into the network as a packet replay attack. This causes neighbor flapping and route flapping, which in turn lead to route unreachability and traffic interruption.
(2) The attacker intercepts a CSNP message and sends it into the network as a message replay attack. Because the LSP digest contained in the intercepted CSNP message is older, the network device sends a PSNP message to request and synchronize the LSP, which leads to a shortage of bandwidth resources.
(3) The attacker intercepts a PSNP message and sends it into the network as a message replay attack, resulting in unnecessary flooding of LSPs and network congestion.
(4) The attacker intercepts an LSPDU message and sends it into the network as a message replay attack, causing the route to be refreshed again and the traffic to be interrupted.

Embodiment Construction

[0027] An embodiment of the present invention provides a method for preventing replay attacks. The method is applied to an IS-IS network that includes multiple network devices. As shown in Figure 1, the method may include the following steps:

[0028] Step 101: when the network device needs to send an IS-IS protocol message, it obtains from the configuration library the serial number that the IS-IS protocol message used last time, determines the serial number that the IS-IS protocol message uses this time, and updates the last used serial number recorded in the configuration library with the serial number used this time.

[0029] Wherein, the sequence number used this time by the IS-IS protocol message is greater than the sequence number used last time by the IS-IS protocol message. Based on this, after the network device obtains the last used serial number of the IS-IS protocol message from the configuration library, when determining the serial number used this time by t...
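
The send-side rule in Step 101, as an added Python example that is not part of the patent text: the sender persists the last used sequence number before each message leaves, so the number keeps increasing across a restart. The file-backed `ConfigLibrary`, the message dictionary layout and the receiver-side check are assumptions made for illustration.

```python
import json
import os
import tempfile

class ConfigLibrary:
    """Hypothetical file-backed stand-in for the configuration library."""
    def __init__(self, path):
        self.path = path

    def last_used(self):
        try:
            with open(self.path) as f:
                return json.load(f)["last_seq"]
        except FileNotFoundError:
            return 0  # nothing has been sent yet

    def record(self, seq):
        # Write-then-rename so a crash never leaves a torn or lower value.
        tmp = self.path + ".tmp"
        with open(tmp, "w") as f:
            json.dump({"last_seq": seq}, f)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, self.path)

def build_message(lib, system_id, pdu_type, body):
    seq = lib.last_used() + 1   # strictly greater than the last used number
    lib.record(seq)             # persist before the message leaves the device
    return {"src": system_id, "type": pdu_type, "seq": seq, "body": body}

class Receiver:
    """Assumed receiver-side check; assumes messages are integrity protected."""
    def __init__(self):
        self.highest = {}  # (source, PDU type) -> highest accepted number

    def accept(self, msg):
        key = (msg["src"], msg["type"])
        if msg["seq"] <= self.highest.get(key, 0):
            return False   # stale or replayed message
        self.highest[key] = msg["seq"]
        return True

def demo():
    path = os.path.join(tempfile.mkdtemp(), "isis_seq.json")
    rx = Receiver()
    hello1 = build_message(ConfigLibrary(path), "0000.0000.0001", "HELLO", "constructed")
    first = rx.accept(hello1)
    # Simulated restart: a fresh ConfigLibrary object reads the stored number.
    hello2 = build_message(ConfigLibrary(path), "0000.0000.0001", "HELLO", "constructed")
    return hello1["seq"], hello2["seq"], [first, rx.accept(hello2), rx.accept(hello1)]
```

`demo()` sends one Hello, restarts the sender, sends a second Hello, then replays the first capture; only the replay is rejected.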

Abstract

The invention discloses an achieving method and device for preventing a replay attack. The method comprises the step that when a network device needs to send an IS-IS protocol message, a serial number used by the IS-IS protocol message last time is obtained from a configuration library, a serial number used by the IS-IS protocol message this time is determined, and the serial number, used last time, recorded in the configuration library is updated through the serial number used this time, wherein the serial number used this time is larger than the serial number used last time, and the network device sends the IS-IS protocol message comprising the serial number used this time. By means of the method and device, an attacker can be prevented from carrying out the message replay attack through the IS-IS protocol message.

Description

Technical field

[0001] The invention relates to the technical field of communication, in particular to a method and equipment for preventing replay attacks.

Background

[0002] With the growing demand for network scale, IS-IS (Intermediate System to Intermediate System), an interior gateway dynamic routing protocol, has gradually become widely used. On an IS-IS network, network devices exchange Hello packets to establish neighbor relationships. In addition, in order to update LSPDU (Link State Protocol Data Unit) messages (referred to as LSP messages), network devices exchange CSNP (Complete Sequence Numbers Protocol Data Unit) messages and/or PSNP (Partial Sequence Numbers Protocol Data Unit) messages.

[0003] In the prior art, once an attacker intercepts a Hello packet / LSPDU packet / CSNP packet...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/801
Inventor: 刘畅, 晁军显
Owner: NEW H3C TECH CO LTD