The Design And Implementation Of A DHCP Attack System On Comware V7

With the popularity of the Internet,our life,study and work are closely related to the Internet.It builds a variety of networks in our real life.These networks require DHCP for address allocation.DHCP dynamic host configuration protocol can effectively solve the problem of wireless user mobility and current IP address shortage.However,the initial design of the DHCP protocol didn't consider the security issues,it is easy to attack by illegal users.So we put forward the concept of DHCP anti-attack system.Based on Comware network device operating system,this paper designs the DHCP anti-attack system and makes it come true.In this paper,The DHCP anti-attack is designed mainly from two DHCP common modules:the server and relay agent.For the server,it is mainly to prevent the source MAC attack and prevent the packet storm.For the relay agent,it is mainly the pseudo-server anti-attack,anti-starvation attack,and forged DHCP renewal message anti-attack.The system for different means of attack to put forward appropriate preventive measures to effectively deal with a variety of illegal attacks and illegal attacks on the server.Through the collaboration between the product driver and the Comware platform,the legitimacy of the DHCP protocol packets is judged.Illegal packets can be successfully intercepted and an attack entry is created.By setting a timer,you can configure the aging timer to prevent the attack entry from being deleted.Taking into account the network equipment to deal with the bottom of the performance of large flow of messages,equipment specifications and the CPU's compression capacity has a corresponding increase.The system through rigorous system testing and acceptance testing.Finally,the problems found in the test are all resolved.It can successfully intercept all kinds of illegal DHCP protocol packets.It applies to all major enterprise networks and operators of the network environment.It can meet China's three major mobile operators on the DHCP security requirements for the application of DHCP protocol to provide security.And it has a wide application prospect and commercial value.