|
maikaluo
初级用户
积分 37
发帖 13
注册 2008-4-14
状态 离线
|
『楼 主』:
请高手帮忙写个ARP批处理防御
使用 LLM 解释/回答一下
我们学校的ARP攻击很猖狂,麻烦各位高手帮忙写个ARP 批处理防御的。
我在此 深感 谢意
The ARP attacks in our school are very rampant. Please help all the experts write an ARP batch processing defense. I am deeply grateful here
|
|
 2008-4-16 20:54 |
|
|
rj1005
新手上路
积分 14
发帖 7
注册 2008-4-30
状态 离线
|
|
|
2008-4-30 22:40 |
|
|
mcpake
新手上路
积分 2
发帖 1
注册 2006-12-10
状态 离线
|
『第 3 楼』:
使用 LLM 解释/回答一下
arp -d
arp -s 路由IP
保存为bat
试试吧 路由带绑定功能,也可以双向绑定 ,这样最好
说的不好请楼下指正
arp -d
arp -s 路由IP
Save as a bat
Give it a try. The route has binding function, and it can also be bidirectionally bound. That's the best.
Please correct if there's anything wrong, next floor.
|
|
|
2008-5-3 19:03 |
|
|
qja
新手上路
积分 11
发帖 6
注册 2008-5-27
状态 离线
|
『第 4 楼』:
使用 LLM 解释/回答一下
把自己的IP和MAC地址也绑上
Bind your own IP and MAC addresses as well
|
|
|
2008-6-2 20:31 |
|
|
cuihanjie
初级用户
积分 26
发帖 13
注册 2008-6-3
状态 离线
|
|
|
2008-6-4 23:51 |
|
|
sharpkingby
新手上路
积分 17
发帖 9
注册 2008-7-29
状态 离线
|
|
|
2008-7-29 21:39 |
|
|
agt66
新手上路
积分 10
发帖 5
注册 2008-7-4
状态 离线
|
『第 7 楼』:
有个问题
使用 LLM 解释/回答一下
你说arp是什么呀,不太清楚,你知道吗
You say what is ARP? Not very clear, do you know?
|
|
|
2008-7-31 19:49 |
|
|
tinlin
初级用户
DOS菜鸟兼痴迷者
积分 160
发帖 76
注册 2008-2-23
状态 离线
|
『第 8 楼』:
使用 LLM 解释/回答一下
其实,此起彼伏的瞬间掉线或大面积的断网大都是ARP欺骗在作怪。ARP欺骗攻击已经成了破坏网吧经营的罪魁祸首,是网吧老板和网管员的心腹大患。
从影响网络连接通畅的方式来看,ARP欺骗分为二种,一种是对路由器ARP表的欺骗;另一种是对内网PC的网关欺骗。
第一种ARP欺骗的原理是——截获网关数据。它通知路由器一系列错误的内网MAC地址,并按照一定的频率不断进行,使真实的地址信息无法通过更新保存在路由器中,结果路由器的所有数据只能发送给错误的MAC地址,造成正常PC无法收到信息。第二种ARP欺骗的原理是——伪造网关。它的原理是建立假网关,让被它欺骗的PC向假网关发数据,而不是通过正常的路由器途径上网。在PC看来,就是上不了网了,“网络掉线了”。
一般来说,ARP欺骗攻击的后果非常严重,大多数情况下会造成大面积掉线。有些网管员对此不甚了解,出现故障时,认为PC没有问题,交换机没掉线的“本事”,电信也不承认宽带故障。而且如果第一种ARP欺骗发生时,只要重启路由器,网络就能全面恢复,那问题一定是在路由器了。为此,宽带路由器背了不少“黑锅”。
作为网吧路由器的厂家,对防范ARP欺骗不得已做了不少份内、份外的工作。一、在宽带路由器中把所有PC的IP-MAC输入到一个静态表中,这叫路由器IP-MAC绑定。二、力劝网管员在内网所有PC上设置网关的静态ARP信息,这叫PC机IP-MAC绑定。一般厂家要求两个工作都要做,称其为IP-MAC双向绑定。
In fact, the frequent momentary disconnections or large - scale network outages are mostly caused by ARP spoofing. ARP spoofing attacks have become the number - one culprit that disrupts internet cafe operations and a major headache for internet cafe owners and network administrators.
In terms of the ways to affect the smoothness of network connection, ARP spoofing is divided into two types. One is the spoofing of the router's ARP table; the other is the gateway spoofing of the internal network PC.
The principle of the first type of ARP spoofing is - intercepting gateway data. It notifies the router of a series of incorrect internal network MAC addresses and continuously does so at a certain frequency, so that the real address information cannot be saved in the router through update. As a result, all data of the router can only be sent to the incorrect MAC address, causing normal PCs to be unable to receive information. The principle of the second type of ARP spoofing is - forging a gateway. Its principle is to set up a fake gateway, so that the PC deceived by it sends data to the fake gateway instead of going online through the normal router path. To the PC, it is like being unable to access the internet, "the network is disconnected".
Generally speaking, the consequences of ARP spoofing attacks are very serious. In most cases, it will cause large - scale disconnections. Some network administrators don't understand this very well. When a fault occurs, they think there is no problem with the PC, the switch doesn't have the "ability" to disconnect, and the telecom doesn't admit to a broadband fault. And if the first type of ARP spoofing occurs, as long as the router is restarted and the network can be fully restored, then the problem must be with the router. For this reason, broadband routers have taken a lot of "blame".
As manufacturers of internet cafe routers, they have to do a lot of work, both within and outside their duties, to prevent ARP spoofing. First, input the IP - MAC of all PCs into a static table in the broadband router. This is called router IP - MAC binding. Second, strongly advise network administrators to set up static ARP information of the gateway on all internal network PCs. This is called PC IP - MAC binding. Generally, manufacturers require both tasks to be done, which is called IP - MAC two - way binding.
|
C:/>forum http://cks.5d6d.com
conneting...
cks>http://cks.5d6d.com
cks>
cks>open
cks>username:tinlin
cks>password:*********
cks>
|
|
|
2008-8-21 12:27 |
|
|
xuye
初级用户
积分 79
发帖 34
注册 2008-4-2
状态 离线
|
『第 9 楼』:
使用 LLM 解释/回答一下
上百度知道一查就知道了!而且很全面!
Just check it on Baidu Zhidao, and you'll know! And it's very comprehensive!
|
|
|
2008-8-22 17:22 |
|
