| 主动监听中协议欺骗的研究 |
| |
| 引用本文: | 贺龙涛,方滨兴,胡铭曾.主动监听中协议欺骗的研究[J].通信学报,2003,24(11):146-152. |
| |
| 作者姓名: | 贺龙涛 方滨兴 胡铭曾 |
| |
| 作者单位: | 1. 哈尔滨工业大学,国家计算机信息安全重点实验室,黑龙江,哈尔滨,150001
2. 哈尔滨工业大学,国家计算机信息安全重点实验室,黑龙江,哈尔滨,150001;国家计算机网络与信息安全管理中心,北京,100031 |
| |
| 基金项目: | 国家“863”计划资助项目(8631040201),“十五”国防预研基金资助项目(41315.7.3,41316.3.3) |
| |
| 摘 要: | 提出了基于协议欺骗的主动监听框架,大大扩展了网络监听的适用范围。分析了网络访问的具体过程,将其中存在的映射关系分为四种:服务器域名到IP地址、IP到MAC地址、远程服务器的IP地址到本地路由器IP地址、以及客户端界面显示到应用服务器的处理。依据破坏的映射关系不同,本文将能够实现主动监听的协议欺骗分为四大类:ARP欺骗、路由欺骗、DNS欺骗和应用层欺骗,并详细分析了这四类协议欺骗攻击原理、实现方式及其防范策略。
|
| 关 键 词: | 主动监听 协议欺骗 ARP欺骗 DNS欺骗 路由欺骗 应用层欺骗 |
| 文章编号: | 1000-436X(2003)11-0146-07 |
| 修稿时间: | 2002年9月22日 |
The study on protocol spoofing in active sniffing |
| |
| HE Long-tao,FANG Bin-xing,HU Ming-zeng.The study on protocol spoofing in active sniffing[J].Journal on Communications,2003,24(11):146-152. |
| |
| Authors: | HE Long-tao FANG Bin-xing HU Ming-zeng |
| |
| Institution: | HE Long-tao1,FANG Bin-xing1,2,HU Ming-zeng1 |
| |
| Abstract: | We present a protocol spoofing based active sniffing framework, which extends the application area of network sniffing. Four kinds of mapping relationship in network communication are discussed: server domain name to IP address, IP address to MAC address, remote server IP address to local router IP address, and client interface to server process. Destroying those four kinds of mapping relationship, protocol spoofing which can be applied in active sniffing is classified into four kinds respectively: ARP spoofing, route spoofing, DNS spoofing and application layer spoofing. The elements and implementation of them are analyzed in details. |
| |
| Keywords: | active sniffing protocol spoofing ARP spoofing DNS spoofing route spoofing application layer spoofing |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
