摘要
同时克隆合法用户IP与MAC地址的行为已严重威胁部分校园网的认证、计费与安全,因此能够快速地检测出这种非法行为十分的必要。从TCP/IP协议分析IP和MAC地址克隆的工作原理及其存在的可行性,提出一种利用无为ARP工作原理来检测IP和MAC地址克隆的方法,并给出基于VC++6.0和WinPcap实现该检测功能模块的一些关键性代码,最后给出如何禁止克隆用户访问互联网的思路。
The clone of legal user's IP and MAC address has threatened the authentication, accounting and security, so it is necessary to quickly discover this illegal behavior in campus network. This paper first, analyzes the basic principle and the feasibility of cloning the IP and Mac address based on TCP/IP protocol. Then it presents a quick method for detecting the clone of IP and MACaddress by using the principle of Gratuitous ARP, and gives some key codes realized by WinPcap and VC++6.0. Finally, it puts forward an idea on how to forbid the clone user to access the Internet.
出处
《通信技术》
2009年第1期264-266,270,共4页
Communications Technology
基金
海南省教育厅科研基金项目(Hj2008-58)
