Abstract: ARP spoofing and ICMP redirection attack are used frequently, both of them can sniff the Ethernet or attack the target by means of denial of service. Through analyzing the difference of measure and applicable scope between them, a conclusion is made that ICMP redirection attack is more difficult to come true. In terms of mechanism of IP routing, the theory thal ARP spoofing spans the same subnet actually does not realize and the reason is that the target will examine received ICMP redirection message, so this measure is not successful in practice.

Key words: ARP spoofing, sniffing, denial of service, ICMP redirection, IP routing

摘要： ARP欺骗及ICMP重定向攻击是以太网中常用的攻击手段，两者都可达到监听网络或对目标主机进行拒绝服务攻击的效果。该文通过分析两者在实现方式、适用范围方面的不同，得出实施ICMP重定向攻击难度更大的结论。根据IP路由原理，反驳了可以跨网段实施ARP欺骗的观点，指出其无法实现的根本原因在于忽略了目标主机要对接收到的ICMP重定向报文进行详细检查，这种攻击手段实际上很难奏效。

关键词: ARP欺骗, 监听, 拒绝服务, ICMP重定向, IP路由

CLC Number: 

• TP393.08