摘要
地址解析协议(Address Resolution Protocol,ARP)的主要功能是将网络层的地址解析为数据链路层的地址,从而保证通信的完成。而ARP欺骗则是基于ARP协议的一种攻击技术,通过将假的ARP数据包发送到局域网内,使得到达特定IP的数据包被错误送到攻击者所取代的地方。本文介绍了ARP欺骗的基本原理和具体的攻击方法,并解释了ARP欺骗的攻击范围,讨论目前已经出现的针对ARP欺骗的安全技术,通过分析和归纳,比较这些技术的优缺点。
Address Resolution Protocol is used for resolution of network layer address into data link layer address to complete the communication. ARP spoofing attack is a technique based on the protocol, whereby an attacker sends fake ARP message onto a local area network to cause any traffic meant for that IP address to be sent to the attacker instead. This article describes the basic discipline and measures of ARP spoofing, explains the scope of the attack, discusses the present defence technology of ARP spoofing, summarizes and analyzes each of these schemes, compares their advantages and disadvantages.
出处
《网络安全技术与应用》
2013年第6期24-26,共3页
Network Security Technology & Application
