The Analysis And Defence Of Arp Protocol Cheating

The development of Internet gives human a tremendous convenience, but at the same time it also has many potantial safety hazards. Especially the network security work directs much towards the research of how to keep out of the vulnerabilities from the outer net, at present, but pays less attention to the security of LAN. APR protocol is a high effective data -link layer protocol. As a LAN protocol, however, it bases on the mutual trust of each host. Because APR cache table bases on high speed cache and dynamic updating, and its request in the manner of broadcast, so APR response packet can be sent as one wishes without verify. Therefore APR protocol unavoidably has many potantial safety hazards.Taking advantage of the flaw of APR protocol, APR cheating is a kind of LAN cheating attack by forging or falsifying APR response packet. The direct results of the attack is the instability or break of the internet, or even the paralysis of the internet and the secret information such as account, password,etc is eavesdropped. Recently, as the development of the internet, LAN cheating attacks become more than before, and seriously affect the regular sevice of the internet..This thesis sets about the analysis of the flaw of ARP protocol, and studies and analyzes the principia and phenomena of frequently happened ARP cheating events at campus, summarizing various implement ways of APR cheating, also imitating the procedure of APR cheating by programming. On that basis, this thesis also points out how to detect and keep away APR cheating attack from these three aspects: network security supervision, network equipment protection and the core system protection and other specific ways to solve the problems such as: IP address and MAC address static binding, APR message restriction and isolation, installation of APR firewall and anti-virus software,etc. Finally combined with "the replying on ARP cheating resolving scenario of Sheng Da College Network", this thesis realizes and explores the united application of various methods and the total defence of ARP cheating attact, through the combination and application of kinds defence methods, holding back the APR cheating attack in campus network effectively, protecting the safe and steady operation of campus network.