毕业论文(设计)基于ARP 伪装技术的IP 地址防盗用方案的研究20474.doc

上传人:仙人指路1688 文档编号:2401894 上传时间:2023-02-17 格式:DOC 页数:7 大小:137.50KB
返回 下载 相关 举报
毕业论文(设计)基于ARP 伪装技术的IP 地址防盗用方案的研究20474.doc_第1页
第1页 / 共7页
毕业论文(设计)基于ARP 伪装技术的IP 地址防盗用方案的研究20474.doc_第2页
第2页 / 共7页
毕业论文(设计)基于ARP 伪装技术的IP 地址防盗用方案的研究20474.doc_第3页
第3页 / 共7页
毕业论文(设计)基于ARP 伪装技术的IP 地址防盗用方案的研究20474.doc_第4页
第4页 / 共7页
毕业论文(设计)基于ARP 伪装技术的IP 地址防盗用方案的研究20474.doc_第5页
第5页 / 共7页
点击查看更多>>
资源描述

《毕业论文(设计)基于ARP 伪装技术的IP 地址防盗用方案的研究20474.doc》由会员分享,可在线阅读,更多相关《毕业论文(设计)基于ARP 伪装技术的IP 地址防盗用方案的研究20474.doc(7页珍藏版)》请在三一办公上搜索。

1、基于ARP伪装技术的IP地址防盗用方案的研究杜暖男 马莹莹(平顶山工业职业技术学院,河南平顶山 467001)1 研究背景众所周之,IP地址的盗用对网络的正常运行是十分有害的。一方面,非法用户盗用合法用户的IP地址以获得特殊的访问权限;另一方面,非法用户盗用未分配的IP地址,对正常的网络运行和应用进行破坏。因此,当前找出在通用网络模型下IP地址防盗用的方法是十分有必要的。2 IP地址防盗用方案模式分析2.1 IP-MAC模型IP-MAC模型是人们较早提出的一种模型。IP地址盗用的问题归根结底是解决IP地址的唯一性的问题,而在实践中IP地址的唯一性很难保证。正如前面所分析的,在目前日益广泛应用的

2、Linux系统下,用户可以随意地更改所使用的主机的IP地址,因此IP地址的唯一性需要依赖于其他本身具有唯一性的因素来保持。2.2 IP-MAC-USER模型针对成对修改IP-MAC地址和动态修改IP的IP地址盗用方式,人们提出了IP-MAC-USER模型。IP-MAC-USER模型的原理是,在采用IP-MAC模型实现IP绑定MAC地址的基础上,在重点、高危险网段实施IP同时绑定MAC地址和用户,即在IP-MAC绑定的同时,检验与IP相对应的用户名和口令,实现IP绑定用户。这种方案对成对修改IP-MAC地址和动态修改IP的IP地址盗用方式能够进行彻底的防范,是一种普遍防御和重点防范相结合的方案。

3、IP-MAC-USER模型不能简化为IP-USER模型,那样就会带来大量IP用户管理的麻烦,同时造成网络使用的不便。2.3 IP-MAC-PORT模型随着共享式以太网向交换式以太网的发展,具有简单网络管理功能的交换机越来越为人们所采用。在这种形势下人们提出了IP-MAC-PORT模型。IP-MAC-PORT模型的原理是,在交换以太网环境下,将IP地址与MAC地址、主机所连接的交换机端口同时绑定,即在检验(IP,MAC)地址对的同时,检验IP对应的交换机端口。3 基于ARP伪装技术的IP地址防盗用方案3.1 ARP协议分析ARP(地址解析协议)用于将IP地址映射为硬件地址(MAC地址),它是TC

4、P/IP协议组中的一个非常重要的协议,在OSI七层网络模型中,网络层下面是数据链路层,为了它们可以互通,需要转换协议。ARP(地址解析协议)用于把网络层(第三层)地址映射到数据链路层(第二层)地址,RARP(反向地址解析协议)则反之。网络层地址是由网络管理员定义的抽象映射,它不去关心下层是哪种数据链路层协议。然而,网络接口只能根据第二层地址来互相通信,第二层地址通过ARP从第三层地址得到。并不是发送每个数据包都需要进行ARP请求,ARP应答被缓存在本地的ARP表中,这样就减少了网络中的ARP包。3.2 ARP伪装技术利用ARP协议的无认证特性,假设主机Q与X,Y在同一局域网内,Y向X发送ARP

5、应答后,Q伪装成Y,再向X发送一个以为源地址的ARP包或向Y发一个以为源地址的ARP包,就会更新X或Y的ARP缓存表,使X将Ipy的MAC地址解析为MACq或使Y将Ipx的地址解析为MACq,这就是ARP伪装技术。Q应用ARP伪装技术修改X和Y的ARP缓存表后,X和Y发给对方的IP数据报都会发向MAC地址MACq.若MACq为网络内不存在的空MAC地址,则X,Y可以继续向对方发IP数据包,但对方收不到,X,Y之间的网络通信无法实现,本文称之为ARP截断。基于ARP伪装技术的IP防盗用方法就是采用ARP截断的方法,使IP盗用主机无法进行网络通信,从而实现IP地址防盗用。3.3 应用ARP伪装技术

6、实现IP-MAC模型随着技术的发展,有些IP盗用者采用修改主机MAC地址的方法,来避开IP防盗用系统。虽然修改MAC并不容易,但IP防盗用系统也应对其防范。对于修改MAC的盗用方法,可在子网的IP-MAC地址库中增加一项IP开关状态标志,此标志项由用户自行管理,当用户要退出网络时,访问IP-MAC地址库,将分配给他的IP地址所对应的开关状态标志项设置为关闭;当用户重新使用网络时,再次访问IP-MAC地址库将开关状态标志打开。对于ARP监听模块,在将ARP包中的源IP地址与IP-MAC地址库比对时,增加一个判断IP地址开关状态标志项的进程,如开关状态标志项己关闭,就可判断为修改MAC地址的IP地

7、址盗用,随即调用ARP截断模块。ARP截断模块不必做修改。在IP防盗用软件运行的系统上开启Web服务,采用JSP技术开发一个B/S模式的Web数据库系统,使用户可以经过必要的用户、口令认证后,用浏览器访问IP-MAC地址库,管理IP地址开关状态标志。通过以上方案的实施即实现了基于IP-MAC-USER三元素的IP地址防盗用模型,又可对成对修改IP-MAC地址和动态修改IP地址的IP地址盗用方式进行有效地防范。3.4 通过ARP地址欺骗技术防范IP地址盗用下面以例子的方式说明ARP地址解析和ARP地址欺骗防:止IP地址盗用。A机器上运行如下:C:arp aInterface 1 92 1 68

8、1 0 1 on Interface 0x1 000003Internet Address PhysicaI Address Type192.168.10.3 CCCCCCCCCCCC dynamic这是192. 168. 1 01(主机A)上的ARP缓存表,假设A进行一次ping 192. 168. 10 .3(主机C)操作,会查询本地的ARP缓存表,找到C的IP地址对应的MAC地址。以便对传输的帧进行封装,这样就可以进行数据传输,帧的目的MAC地址就是C的MAC地址。如果A中没有C的ARP记录,那么A首先要广播一次ARP请求。当C接收到A的请求后就发送一个应答,应答中包含有C的MAC地址,

9、这就是ARP地址解析的过程,然后A接收到C的应答就会更新本地的ARP缓存。接着使用这个MAC地址发送数据。因此本地高速缓存的这个ARP表是本地网络流通的基础,而且这个缓存是动态的。但是ARP协议并不只在发送了ARP请求才接收ARP应答。这也就是利用ARP地址欺骗技术达到防止IP地址盗用的理论基础了。当计算机接收到ARP应答数据包的时候,就会对本地的ARP缓存进行更新,将应答中的IP-TnMAC地址存储在ARP缓存中。因此,在上面的假设网络中,B向A发送一个自己伪造的ARP应答 而这个应答中的数据为发送方IP地址是192. 168. 10.3(C的IP地址) MAC地址是DDDDDDDDDD-D

10、D(C的MAC地址本来应该是CCCCCCCCCCCC 这里被伪造了)。当A接收到B伪造的ARP应答,就会更新本地的ARP缓存(A可不知道被伪造了)。4 小结盗用技术的发展与反盗用技术的进步是一个此长彼消,互相促进的过程。要很好解决这个问题,一方面需要依靠反盗用技术的不断提高,另一方面还需要法律、法规和各项网络管理制度的健全和完善。亦即,一方面要不断地提高网络的管理水平,研究新的网络技术,另一方面还要对敢于进行IP地址盗用、破坏网络安全的人,按照有关法规严惩,使盗用者既对先进的反盗用技术望而生畏,又对盗用后所承担的后果心有余悸,才能很好解决IP地址盗用问题。参考文献1 谢希仁. 计算机网络. 北

11、京: 电子工业出版社, 2005: 102-1062 漆强, 熊筱芳. 一种新型的以过程为中心的软件工程方法. 南昌大学学报, 2004(6): 90-94Editors note: Judson Jones is a meteorologist, journalist and photographer. He has freelanced with CNN for four years, covering severe weather from tornadoes to typhoons. Follow him on Twitter: jnjonesjr (CNN) - I will alw

12、ays wonder what it was like to huddle around a shortwave radio and through the crackling static from space hear the faint beeps of the worlds first satellite - Sputnik. I also missed watching Neil Armstrong step foot on the moon and the first space shuttle take off for the stars. Those events were w

13、ay before my time.As a kid, I was fascinated with what goes on in the sky, and when NASA pulled the plug on the shuttle program I was heartbroken. Yet the privatized space race has renewed my childhood dreams to reach for the stars.As a meteorologist, Ive still seen many important weather and space

14、events, but right now, if you were sitting next to me, youd hear my foot tapping rapidly under my desk. Im anxious for the next one: a space capsule hanging from a crane in the New Mexico desert.Its like the set for a George Lucas movie floating to the edge of space.You and I will have the chance to

15、 watch a man take a leap into an unimaginable free fall from the edge of space - live.The (lack of) air up there 待添加的隐藏文字内容3Watch man jump from 96,000 feet Tuesday, I sat at work glued to the live stream of the Red Bull Stratos Mission. I watched the balloons positioned at different altitudes in the

16、 sky to test the winds, knowing that if they would just line up in a vertical straight line we would be go for launch.I feel this mission was created for me because I am also a journalist and a photographer, but above all I live for taking a leap of faith - the feeling of pushing the envelope into u

17、ncharted territory.The guy who is going to do this, Felix Baumgartner, must have that same feeling, at a level I will never reach. However, it did not stop me from feeling his pain when a gust of swirling wind kicked up and twisted the partially filled balloon that would take him to the upper end of

18、 our atmosphere. As soon as the 40-acre balloon, with skin no thicker than a dry cleaning bag, scraped the ground I knew it was over.How claustrophobia almost grounded supersonic skydiverWith each twist, you could see the wrinkles of disappointment on the face of the current record holder and capcom

19、 (capsule communications), Col. Joe Kittinger. He hung his head low in mission control as he told Baumgartner the disappointing news: Mission aborted.The supersonic descent could happen as early as Sunday.The weather plays an important role in this mission. Starting at the ground, conditions have to

20、 be very calm - winds less than 2 mph, with no precipitation or humidity and limited cloud cover. The balloon, with capsule attached, will move through the lower level of the atmosphere (the troposphere) where our day-to-day weather lives. It will climb higher than the tip of Mount Everest (5.5 mile

21、s/8.85 kilometers), drifting even higher than the cruising altitude of commercial airliners (5.6 miles/9.17 kilometers) and into the stratosphere. As he crosses the boundary layer (called the tropopause), he can expect a lot of turbulence.The balloon will slowly drift to the edge of space at 120,000

22、 feet (22.7 miles/36.53 kilometers). Here, Fearless Felix will unclip. He will roll back the door.Then, I would assume, he will slowly step out onto something resembling an Olympic diving platform.Below, the Earth becomes the concrete bottom of a swimming pool that he wants to land on, but not too h

23、ard. Still, hell be traveling fast, so despite the distance, it will not be like diving into the deep end of a pool. It will be like he is diving into the shallow end.Skydiver preps for the big jumpWhen he jumps, he is expected to reach the speed of sound - 690 mph (1,110 kph) - in less than 40 seco

24、nds. Like hitting the top of the water, he will begin to slow as he approaches the more dense air closer to Earth. But this will not be enough to stop him completely.If he goes too fast or spins out of control, he has a stabilization parachute that can be deployed to slow him down. His team hopes it

25、s not needed. Instead, he plans to deploy his 270-square-foot (25-square-meter) main chute at an altitude of around 5,000 feet (1,524 meters).In order to deploy this chute successfully, he will have to slow to 172 mph (277 kph). He will have a reserve parachute that will open automatically if he los

26、es consciousness at mach speeds.Even if everything goes as planned, it wont. Baumgartner still will free fall at a speed that would cause you and me to pass out, and no parachute is guaranteed to work higher than 25,000 feet (7,620 meters).It might not be the moon, but Kittinger free fell from 102,800 feet in 1960 - at the dawn of an infamous space race that captured the hearts of many. Baumgartner will attempt to break that record, a feat that boggles the mind. This is one of those monumental moments I will always remember, because there is no way Id miss this.3

展开阅读全文
相关资源
猜你喜欢
相关搜索
资源标签

当前位置:首页 > 建筑/施工/环境 > 项目建议


备案号:宁ICP备20000045号-2

经营许可证:宁B2-20210002

宁公网安备 64010402000987号