| With rapid development of the Internet, network security has become a potentially huge problem. Network attacks can damage networks,threat information security and cause huge loss to the users. Among all security affairs, Internet Control Message Protocol (ICMP) attack has become one kind of major events with characteristics such as extensive area, deep concealment,easy usage. ICMP attack can greatly affect the effective service of the network. This article has analyzed the ICMP from it's function,the transmission characteristic and hidden danger etc. This article probes the principle of the common network attacks based on ICMP and proposes the corresponding countermeasure. This article has analyzed that ICMP is designed and implemented for network testing tools. And this article discusses thoroughly network security mechanism of defending the ICMP attack. The IPSec protocol exists question about processing the ICMP error packets, so this article proposes two improved IPSec protocol to prevent and reduce the harm which this kind of attack creates,and carries on the test analysis to the scheme which proposes. The improved IPSec protocol scheme for this problem can give a satisfactory resolution without decreasing the efficiency of the current IPSec. Finally,to improve the efficiency of campus network management,this article analyses how to detect all devices in the network in the fastest way with the combination of improved IPSec protocol and database technology. |
PDF Full Text Request