Method and device for preventing address resolution protocol (ARP) attacks, as well as computer equipment and storage medium

Abstract

The application relates to a method and a device for preventing address resolution protocol (ARP) attacks, as well as computer equipment and a storage medium, wherein the method comprises the following steps of: acquiring the IP address allocation requests transmitted by each of the terminals of a local area network, and parsing the allocation requests to obtain MAC addresses corresponding to eachof the terminals of the local area network; transmitting the IP addresses to each of the terminals according to the allocation requests, and recording the MAC addresses of each of the terminals and the correspondingly assigned IP addresses to obtain a correspondence relationship table; receiving an ARP query request message carrying the IP address of a target terminal and transmitted by the firstterminal of the local area network, and transmitting the ARP query request message to the local area network broadcast; acquiring an ARP reply message transmitted by a second terminal, and parsing the ARP reply message to obtain the current IP address and current MAC address of the second terminal; matching the current IP address and current MAC address with the IP addresses and corresponding MACaddresses of each of the terminals in the correspondence relationship table, forwarding the ARP reply message to the first terminal if the match is successful, otherwise discarding the ARP reply message. By using the method, ARP attacks can be effectively prevented.

Description

technical field [0001] The present application relates to the communication field, in particular to a method, device, computer equipment and storage medium for preventing an address resolution protocol (ARP) attack. Background technique [0002] With the rapid development of network technology today, more and more attack methods are emerging one after another. ARP (Address Resolution Protocol, Address Resolution Protocol)) attack is the most basic LAN attack method, and it appears very widely, which can cause the attacked computer to appear. Dropping the line, or stealing the security account passwords of the attacked computer, such as online game account passwords, online banking account passwords. ARP attack is to achieve ARP spoofing by forging IP addresses and MAC addresses, which can generate a large amount of ARP traffic in the network and block the network. As long as the attacker continuously sends out forged ARP response packets, the IP in the target host's ARP cach...

AI Technical Summary

Problems solved by technology

ARP attack is to achieve ARP spoofing by forging IP addresses and MAC addresses, which can generate a large amount of ARP traffic in the network and block the network. As long as the attacker continuously sends out forged ARP response packets, the IP in the target host's ARP cache can be changed. -MAC entries, causing network outages or man-in-the-middle attacks

In order to prevent ARP attacks, router managers currently configure MAC addresses and IP addresses statically. This method requires end users to configure information such as IP and gateway. If the network environment changes in this way, it must be re-configured, which is troublesome. And this simple method to prevent ARP attacks is not completely effective in preventing ARP attacks

Images