摘要
在基本ARP欺骗技术的基础上,提出了5个欺骗策略以高效地实现全网主机数据截获,提出了5个数据分析策略以实现口令扫描和安全性分析,提出了3个自适应的扫描速度调节策略以避免扫描动作给网络运行效率造成影响。在上述技术基础上,实现了一个基于ARP欺骗的全网口令安全扫描系统。系统能够较为有效地发现网内用户使用电子邮件等应用服务时明文传输口令或者使用弱口令的风险,从而达到了保障信息安全的目的。
Based on ARP spoofing, five spoofing policies are proposed to intercept data of all hosts in a network efficiently. Five data analyzing polices are proposed to extract information relevant to a password from a datagram and analyze password strength. Three adaptive scanning speed regulating polices are proposed in case of influencing efficiency of the whole network. Based on these technologies and polices, a whole network password canner is developed. This system can detect the risk of plaintext and weak password transformation when using applications such as e-mail etc. to safeguard all users of a network.
出处
《计算机工程与设计》
CSCD
北大核心
2013年第5期1620-1623,1776,共5页
Computer Engineering and Design
关键词
ARP欺骗
口令扫描
全网
自适应
弱口令
ARP spoofing
password scanning
whole network
adaptive
weak password
