局域网ARP欺骗攻击及安全防范策略毕业设计

新疆机电职业技术学院计算机系毕业论文题目：局域网ARP攻击及防范专业：计算机网络技术年级：高计算机10班学生姓名：王文瑞学号：20101898指导教师：李欣2012年12月12日新疆机电职业技术学院毕业论文I局域网ARP攻击及防范摘要：ARP攻击，是针对以太网地址解析协议（ARP）的一种攻击技术。此种攻击可让攻击者取得局域网上的数据封包甚至可篡改封包，且可让网络上特定计算机或所有计算机无法正常连接。目前，ARP欺骗是黑客常用的攻击手段之一，且ARP欺骗攻击的后果一般都是比较非常严重的，大多数情况下会造成大面积掉线。有些网管员对此不甚了解，出现故障时，认为PC没有问题，交换机没掉线的“本事”，电信也不承认宽带故障。而且如果第一种ARP欺骗发生时，只要重启路由器，网络就能全面恢复，那问题一定是在路由器了。为此，宽带路由器被认为是“罪魁祸首”，而事实并非如此。鉴于此，本文将论述ARP地址解析协议的含义和工作原理，分析了ARP协议所存在的安全漏洞，分析网段内和跨网段ARP欺骗的实现过程。最后，结合网络管理的实际工作，介绍IP地址和MAC地址绑定、交换机端口和MAC地址绑定、VLAN隔离等技术等几种能够有效防御ARP欺骗攻击的安全防范策略。最后通过使用文中介绍安全防范策略成功阻止P2P终结者、Arpkiller等ARP攻击软件的攻击验证了该安全策略的有效性。关键词：ARP协议IP地址局域网MAC地址网络安全LANARPattackandprotectionAbstract:ARPattack,whichisbasedonEthernetaddressesanalyticalprotocol(ARP)anattacktechnology.Thisattackmaylettheattackerhasalocal-areanetworkpacketsofdataoreventamperwiththepacket,andallowsnetworkonspecificcomputerorallcomputercannotnormalconnection.Atpresent,theARPdeceptionishackerscommonlyusedattackmeansone,andtheconsequencesofARPdeceptionattackisusuallycompareveryserious,inmostcircumstanceswillcausedextensivecalls.Somenetworkadministratorarenotwellunderstood,malfunction,thinkPCnoproblem,switchesdidn'tdroppedskill,telecomdoesnotacknowledgebroadbandfault.AndifthefirstkindofARPdeceptionoccurs,aslongastherestartrouter,thenetworkcanfullyrecover,thatproblemmustbeonarouter.Therefore,broadbandrouterisconsideredthechiefculprit,butthisisnotthecase.Inviewofthis,thisarticlewillbediscussedthemeaningofARPaddressanalyticalprotocolandworkingprinciple,analyzestheexistingARPagreementsecurityvulnerabilities,analyzingnetworksegmentwithinandacrossthenetworksegmenttherealizationprocessofARPdeception.Finally,combinedwiththepracticalworkofnetworkmanagement,introducestheIPaddressandMACaddressbinding,switchportandMACaddressbinding,aswellasseveralvlansisolationtechnologycaneffectivelydefenseARPdeceptionattacksecuritypreventivestrategy.FinallythroughtheuseofintroducedsafetypreventivestrategypreventedP2Pterminator,ArpkilleretcARPattacksoftwareattackverifiedtheeffectivenessofthesecuritystrategy.Keyords:ARPagreementIPaddressBureauareanetMACaddressNetworksecurity新疆机电职业技术学院毕业论文1目录引言...................................................2第一章.ARP协议简介......................................2第二章.ARP协议的工作原理................................3第三章.分析ARP协议存在的安全漏洞.......................5一、分析ARP协议存在的安全漏洞.................................................................5二、ARP欺骗检测方法....................................................................................5(一)主机级检测方法...............................................................................................5(二)网络级检测方法...............................................................................................5第四章.ARP欺骗攻击的实现过程............................6一、通过路由器实现VLAN间的通信.............................................................6二、公司网络实现vlan间通信..........................................................................6第五章.ARP攻击简介......................................6一、仿冒网关.........................................................................................................7二、欺骗网关.........................................................................................................7三、欺骗终端用户.................................................................................................7四、“中间人”攻击...............................................................................................8五、ARP报文泛洪攻击......................................................................................8第六章.攻击安全防范策略..................................8一、DHCPSnooping功能...................................................................................9二、IP静态绑定功能..........................................................................................9三、ARP入侵检测功能......................................................................................9四、ARP报文限速功能......................................................................................9五、CAMS下发网关配置功能........................................................................10第七章.ARP攻击防御配置举例.............................10一、DHCP监控模式下的ARP攻击防御配置举例.......................................10(一)组网需求.........................................................................................................10(二)组网图.............................................................................................................11(三)配置思路.........................................................................................................11(四)配置步骤.........................................................................................................11(五)注意事项.........................................................................................................14二、认证模式下的ARP攻击防御配置举例.....................................................15(一)组网需求.........................................................................................................15(二)组网图........................................................................................................