作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2008, Vol. 34 ›› Issue (2): 103-104. doi: 10.3969/j.issn.1000-3428.2008.02.034

• 安全技术 • 上一篇    下一篇

ARP欺骗及ICMP重定向攻击技术研究

杨 杨,房 超,刘 辉   

  1. (重庆邮电大学通信与信息工程学院,重庆 400065)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-01-20 发布日期:2008-01-20

Research on Technology of ARP Spoofing
and ICMP Redirection Attak

YANG Yang, FANG Chao, LIU Hui   

  1. (College of Communication and Information Engineering, Chongqing University of Posts and Telecommunications, Chongqing 400065)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-01-20 Published:2008-01-20

摘要: ARP欺骗及ICMP重定向攻击是以太网中常用的攻击手段,两者都可达到监听网络或对目标主机进行拒绝服务攻击的效果。该文通过分析两者在实现方式、适用范围方面的不同,得出实施ICMP重定向攻击难度更大的结论。根据IP路由原理,反驳了可以跨网段实施ARP欺骗的观点,指出其无法实现的根本原因在于忽略了目标主机要对接收到的ICMP重定向报文进行详细检查,这种攻击手段实际上很难奏效。

关键词: ARP欺骗, 监听, 拒绝服务, ICMP重定向, IP路由

Abstract: ARP spoofing and ICMP redirection attack are used frequently, both of them can sniff the Ethernet or attack the target by means of denial of service. Through analyzing the difference of measure and applicable scope between them, a conclusion is made that ICMP redirection attack is more difficult to come true. In terms of mechanism of IP routing, the theory thal ARP spoofing spans the same subnet actually does not realize and the reason is that the target will examine received ICMP redirection message, so this measure is not successful in practice.

Key words: ARP spoofing, sniffing, denial of service, ICMP redirection, IP routing

中图分类号: