Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for preventing gateway deceit

A gateway and anti-network technology, applied in the field of data communication, can solve problems such as data errors, hosts unable to send data outside the LAN, learning errors, etc.

Inactive Publication Date: 2015-02-18
RUIJIE NETWORKS CO LTD
View PDF6 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] To sum up, the existence of the gateway ARP spoofing virus will cause the hosts in the network to learn the MAC address of the wrong gateway, which will cause the hosts in the network to fail to send data outside the LAN or the sent data will be imported to the virus host by mistake. making the network less secure

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for preventing gateway deceit
  • Method and device for preventing gateway deceit
  • Method and device for preventing gateway deceit

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0031] When a host in the LAN needs to send a message to the outside of the LAN, the host will broadcast a request message to the entire network to apply for the MAC address of the gateway. When the gateway receives the request message, it will reply a response message to the request message to the host. At the same time, the host carrying the gateway deception virus will also reply a false response message to the request message, that is, the deceptive message is sent to the requesting host. Usually, the destination hardware address of the false response message is filled with a false MAC address. address or the MAC address of the host carrying the gateway spoofing virus, and usually the false response message will be delayed for a period of time or sent a few more than the response message of the gateway.

[0032] A method for preventing gateway spoofing proposed by Embodiment 1 of the present invention, such as figure 1 As shown, the specific processing flow is as follows:...

Embodiment 2

[0058] Embodiment 1 of the present invention The method and device for spoofing gateways proposed above can be applied to networks based on the IPV4 protocol, and can also be applied to networks based on the IPV6 protocol. The difference is that in IPV6, the received probe response message The content of the text also includes 3 special flags, namely R / S / O, R indicates whether the sender is a router, S indicates Solicited, S indicates whether the response message is free or a response after receiving the request, O Indicates whether to overwrite and update the existing entry information after receiving the message.

[0059] Embodiment 2 of the present invention takes the application in a network based on the IPV4 protocol as an example to further elaborate on the method for preventing gateway deception, such as image 3 As shown, the specific processing flow is as follows:

[0060] Step 31, sending an APR detection message including the set IP address. The ARP detection mess...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for preventing gateway deceit. The method comprises the steps of sending a detection message which contains a set IP address and is used for detecting whether a gateway deceit virus exists or not; receiving a detection response message; obtaining the source IP address in the received detection response message; judging whether the IP address of the source IP address is identical with a set gateway IP address; broadcasting a gateway message containing correct gateway IP address to all hosts in a network when the source IP address and the set gateway IP address are identical, wherein the gateway message containing the correct gateway IP addresses enables the hosts with tampered IP addresses in the network to obtain correct IP addresses and normal communication between the hosts and the gateway to be recovered. The method and device for preventing gateway deceit are used for solving the safety problem of the network when ARP deceit viruses exist in the network.

Description

technical field [0001] The invention relates to the technical field of data communication, in particular to a method and device for preventing gateway deception. Background technique [0002] Address Resolution Protocol (English: Address Resolution Protocol, abbreviation: ARP) is a TCP / IP protocol for obtaining a physical address according to an IP address. The hosts in the network are connected to the external network through a gateway. In the network, a default gateway is usually set. All messages sent by the hosts in the network to the outside of the LAN will be sent to the default gateway. Therefore, the hosts in the network are connected to the external network. Before connecting to the Internet, an ARP request message will be sent to apply for the Media Access Control (English: Medium Access Control, abbreviation: MAC) address of the default gateway. [0003] When there is a gateway ARP spoofing virus in the network, the deception process of the gateway ARP virus is a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1466H04L61/103
Inventor 侯建栋
Owner RUIJIE NETWORKS CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com