| ARP protocol is responsible for the completion of the mapping of IP addresses to network interface hardware address. As one of the fundamental protocols, ARP worked in the trusted LAN at that time, but LAN isn't a trusted network already today.Ttherefore, ARP is running with some security problems. At present, the network has already emerged on a lot of defects around the ARP protocol hacking behavior and these acts give network security have had a great impact. The paper will give a comprehensive analysis of the profound on this issue and an effective solution.The paper introduced the network security situation in our country firstly, and introduced the overview of the security problem for ARP protocol. The author focused on analyzing RFC826 and 4.4BSD operation system implementation in the concrete operation of the ARP and find the root of the problem is the incompetence of packet inspection on input and output interface, and the unfit of the package deal to receive treatment questions on the ARP cache. Secondly, the author analyzes the implementation process of ARP spoofing, and carries out specific ideas of Protection ARP spoofing. Finally, the author writes an ARP packets filter Driver and a corresponding user program by NDIS IM driver Development and Win32 programming. In the end of the paper, the author tested the effect of the driver and user program to filter ARP packets based on the virtual machine, and the result of the test showed that the paper has given a fundamental solution to the problem of ARP protocol. |
PDF Full Text Request