[go: up one dir, main page]

CN104427004A - ARP message management method based on network equipment - Google Patents

ARP message management method based on network equipment Download PDF

Info

Publication number
CN104427004A
CN104427004A CN201310360537.4A CN201310360537A CN104427004A CN 104427004 A CN104427004 A CN 104427004A CN 201310360537 A CN201310360537 A CN 201310360537A CN 104427004 A CN104427004 A CN 104427004A
Authority
CN
China
Prior art keywords
message
mac
arp
address
source
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201310360537.4A
Other languages
Chinese (zh)
Inventor
吴玉松
单闽
曲长利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING HUAIJIAO NETWORK TECHNOLOGY SERVICE Co Ltd
Original Assignee
BEIJING HUAIJIAO NETWORK TECHNOLOGY SERVICE Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING HUAIJIAO NETWORK TECHNOLOGY SERVICE Co Ltd filed Critical BEIJING HUAIJIAO NETWORK TECHNOLOGY SERVICE Co Ltd
Priority to CN201310360537.4A priority Critical patent/CN104427004A/en
Publication of CN104427004A publication Critical patent/CN104427004A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/622Layer-2 addresses, e.g. medium access control [MAC] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • H04L61/2535Multiple local networks, e.g. resolving potential IP address conflicts

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention provides an ARP message management method based on network equipment, and the method is to solve the problem of network attacks of ARP spoofing and ARP storm and the like. The method comprises the following steps: 1) judging whether a message is an ARP message; 2) judging whether network layer MAC and ARP MAC addresses are consistent; 3) judging whether a source IP address exists in an IP-MAC corresponding table; 4) judging whether the source IP address and a source MAC address exist in the IP-MAC corresponding table; 5) updating life periods of corresponding items of the source IP address and the source MAC address in the IP-MAC corresponding table; 6) adding the source IP address and the source MAC address to the IP-MAC corresponding table; 7) sending an IP conflict ARP message to a source device, and skipping to a step (15); 8) judging whether the message is an ARP request message or a response message; 9) searching whether searched IP information exists in the IP-MAC corresponding table; and 10) returning the ARP response data message.

Description

A kind of ARP message management method of equipment Network Based
Technical field
The present invention relates to a kind of management method of ARP message, especially a kind of ARP message management method of equipment Network Based.
Background technology
ARP (Address Resolution Protocol, address resolution protocol) basic function be IP address by target device, MAC (Media Access Control, the media interviews control) address of query aim equipment, to ensure carrying out smoothly of communication.It is the requisite agreement of network layer in IPv4.
Specify in Ethernet protocol, a main frame in same local area network (LAN) will carry out direct communication with another main frame, must know the MAC Address of destination host.And in ICP/IP protocol, network layer and transport layer are only concerned about the IP address of destination host.When this just causes using IP agreement in ethernet networks, only comprise the IP address of destination host.So, need a kind of mode, according to the IP address of destination host, its MAC Address will be obtained.The thing that ARP agreement that Here it is will be done.So-called address resolution is exactly the process that target ip address is converted to destination-mac address by main frame before sending Frame.
Under normal circumstances, the process of network service is as follows:
If there is a network switching equipment network equipment and three host PC 1, PC2, PC3 in network, the IP address of main frame is respectively 192.168.1.1,192.168.1.2,192.168.1.3, and MAC Address is respectively 11-11-11-11-11-11,22-22-22-22-22-22,33-33-33-33-33-33.
If PC1 will send data to PC2, then need through following steps:
(1) PC1 inquires about in local arp cache the IP-MAC corresponding relation that whether there is PC2 (192.168.1.2), if existed, goes to step (6).
(2) ARP request message is sent to network, the MAC Address of inquiry PC2 (192.168.1.2).
(3) network equipment is to the ARP request message in All hosts (port) distributing step (2).
(4) PC2 receives the ARP request message that PC1 sends, and judges it oneself is return the arp reply information with MAC Address (22-22-22-22-22-22) to PC1 after 192.168.1.2; PC3 judges it oneself is not abandon this message after 192.168.1.2 after receiving the ARP request message that PC1 sends.
(5) network equipment forwards the arp reply information of PC2 transmission to PC1
(6) PC1 sends information to PC2 (22-22-22-22-22-22).
(7) network equipment forwards the information of PC1 to PC2.
Because in ARP consensus standard, network host can unconditional reception and response arp reply information.Under this scheme, the attack of the modes such as ARP deception can be realized easily, cause the situation of the instability of the network such as leakage or suspension of transmitted data on network.
The leakage performing step of network data transmission is as follows:
(1) PC3 sends an arp response message to PC1, cheats PC1 and say that the MAC Address of PC2 is 33-33-33-33-33-33 in message.
(2) network equipment forwards the false arp reply message that PC3 forwards to PC1.
(3) PC1 sends data to PC2, determine the information that there is PC2 (192.168.1.2)-> 33-33-33-33-33-33 in the IP-MAC buffer memory of oneself, so send information to the PC2 (33-33-33-33-33-33) of vacation.
(4) network equipment forwards PC1 and is sent to the information of false PC2 to PC3.
(5) PC3 receives the information that PC1 sends.Cause data leak that PC1 sends to PC2 to PC3 main frame.
Network cheating mode causes the performing step of suspension as follows:
(1) PC3 sends an arp response message to PC1, cheats PC1 and say that the MAC Address of PC2 is AA-AA-AA-AA-AA-AA in message.
(2) network equipment forwards the false arp reply message that PC3 forwards to PC1.
(3) PC1 sends data to PC2, determine in the IP-MAC buffer memory of oneself information that there is PC2 (192.168.1.2) > > AA-AA-AA-AA-AA-AA, so send information to the PC2 (AA-AA-AA-AA-AA-AA) of vacation.
(4) there is not the main frame that MAC Address is AA-AA-AA-AA-AA-AA in the network equipment, so this message is dropped.
The performing step of the unstable networks that network broadcasting windstorm causes is as follows:
(1) PC3 sends any ARP request message in network.
(2) network equipment distributes the ARP request message of PC3 transmission to All hosts (port).
(3) go to step (1).
Because ARP request message can be distributed to all main frames (port) through the network equipment.When ARP request message ceaselessly sends from PC3, when the whole network bandwidth is exhausted, the All hosts on network all can cause unstable networks because of plunder bandwidth.
Current, the most effective solution is exactly do the binding of IP-MAC address on network devices.But in the application of reality, a large amount of previous work amounts and final-period management complexity can be brought to network manager like this.
Summary of the invention
The invention provides a kind of ARP message management method solving the equipment Network Based of the network attacks such as ARP deception, ARP storm.
Realize the ARP message management method of the equipment a kind of Network Based of the object of the invention, comprise the steps:
(1) judge whether message is ARP message; If go to step (3), otherwise go to step (13);
(2) judge that whether network layer MAC is consistent with the MAC Address of ARP; If go to step (3); Otherwise go to step (15);
(3) judge whether source IP address exists in IP-MAC correspondence table; If go to step (4), otherwise go to step (6);
(4) judge whether source IP address, source MAC exist in IP-MAC correspondence table; If go to step (5), otherwise go to step (7);
(5) upgrade the life cycle of source IP address and the respective items of source MAC in IP-MAC correspondence table, go to step (8);
(6) increase source IP address and source MAC are to IP-MAC correspondence table, go to step (8);
(7) send the ARP message of IP conflict to source device, go to step (15);
(8) judge it is ARP request message or response message; If request message goes to step (9), otherwise go to step (12);
(9) the IP information whether IP-MAC correspondence table exists inquiry is inquired about; Go to step (10) if existed, otherwise go to step (11);
(10) return arp reply data message, go to step (15);
(11) sent on network by the network equipment or forward corresponding A RP request message, and being recorded to " sending request message Host List ", going to step (15);
(12) whether inquiry exists " sending request message Host List ", if existed, sends or forwards arp reply message, go to step (15) to the equipment in record;
(13) judge that whether message source IP address, source MAC and target ip address, destination-mac address exist in IP-MAC correspondence table; Go to step (14) if existed, otherwise, abandon current Ethernet message and go to step (15);
(14) network equipment forwards Ethernet message;
(15) Ethernet Message processing is terminated.
The beneficial effect of the ARP message management method of a kind of equipment Network Based of the present invention is as follows:
The ARP message management method of a kind of equipment Network Based of the present invention, the network equipment by no longer forward any come the ARP message (comprising ARP request message and arp reply message) of from host.All ARP information and message are all safeguarded by the network equipment itself and are replied; Greatly reduce the network attacks such as ARP deception, ARP storm.
Accompanying drawing explanation
Fig. 1 is the flow chart of the ARP message management method of a kind of equipment Network Based of the present invention.
Embodiment
As shown in Figure 1, the ARP message management method of a kind of equipment Network Based of the present invention is as follows:
(1) judge whether message is ARP message; If go to step (3), otherwise go to step (13);
(2) judge that whether network layer MAC is consistent with the MAC Address of ARP; If go to step (3); Otherwise go to step (15);
(3) judge whether source IP address exists in IP-MAC correspondence table; If go to step (4), otherwise go to step (6);
(4) judge whether source IP address, source MAC exist in IP-MAC correspondence table; If go to step (5), otherwise go to step (7);
(5) upgrade the life cycle of source IP address and the respective items of source MAC in IP-MAC correspondence table, go to step (8);
(6) increase source IP address and source MAC are to IP-MAC correspondence table, go to step (8);
(7) send the ARP message of IP conflict to source device, go to step (15);
(8) judge it is ARP request message or response message; If request message goes to step (9), otherwise go to step (12);
(9) the IP information whether IP-MAC correspondence table exists inquiry is inquired about; Go to step (10) if existed, otherwise go to step (11);
(10) return arp reply data message, go to step (15);
(11) sent on network by the network equipment or forward corresponding A RP request message, and being recorded to " sending request message Host List ", going to step (15);
(12) whether inquiry exists " sending request message Host List ", if existed, sends or forwards arp reply message, go to step (15) to the equipment in record;
(13) judge that whether message source IP address, source MAC and target ip address, destination-mac address exist in IP-MAC correspondence table; Go to step (14) if existed, otherwise, abandon current Ethernet message and go to step (15);
(14) network equipment forwards Ethernet message;
(15) Ethernet Message processing is terminated.
Embodiment 1
The present embodiment sends datagram to PC2 for simulating PC1, and handling process is as follows:
(1) PC1 (192.168.1.1) is to the ARP request message of network transmission to PC2 (192.168.1.2).
(2) legitimacy of network equipment checking PC1.The network equipment searches the IP-MAC corresponding relation of PC1 from the IP-MAC correspondence table of this locality: 192.168.1.1 > > 11-11-11-11-11-11.Because do not find the IP-MAC respective items of PC1, so the network equipment adds corresponding corresponding relation in IP-MAC correspondence table.
(3) network equipment response ARP request message.The network equipment searches the respective items of PC2 (192.168.1.2) from the IP-MAC correspondence table of this locality.
(4) because the network equipment fails to find the respective items of PC2 in IP-MAC correspondence table, so the network equipment sends an ARP request bag to network.
(5) PC2 sends arp reply message to the network equipment.
(6) legitimacy of network equipment checking PC2.The network equipment finds the IP-MAC corresponding relation of PC2 from the IP-MAC correspondence table of this locality: 192.168.1.2 > > 22-22-22-22-22-22.Because do not find the IP-MAC respective items of PC2, so the network equipment adds corresponding respective items in IP-MAC correspondence table.
(7) network equipment response arp reply message, sends arp reply message to PC1.
(8) PC1 sends datagram to PC2.
(9) legitimacy of PC1 and PC2 in network equipment verification msg message.
(10) network equipment is to PC2 forwarding data packets.
Embodiment 2
The present embodiment sends datagram to PC1 for simulating PC3, and handling process is as follows:
(1) PC3 (192.168.1.3) is to the ARP request message of network transmission to PC1 (192.168.1.1).
(2) legitimacy of network equipment checking PC3.The network equipment searches the IP-MAC corresponding relation of PC3 from the corresponding table table of the IP-MAC of this locality: 192.168.1.3 > > 33-33-33-33-33-33.Because do not find the IP-MAC respective items of PC3, so the network equipment adds corresponding corresponding relation in IP-MAC correspondence table.
(3) network equipment response ARP request.The network equipment finds out the respective items of PC1 from the IP-MAC correspondence table of this locality.
(4) network equipment returns arp reply message to PC3.
(5) PC3 sends datagram to PC1.
(6) legitimacy of PC3, PC1 in network equipment verification msg message.
(7) network equipment is to PC1 forwarding data packets.
Embodiment 3
The present embodiment cheats message for simulation PC3 sends ARP to PC1, and PC3 is disguised oneself as PC2, and process is as follows:
(1) PC3 sends an arp reply message to PC1, indicates the MAC Address of PC2 to be 33-33-33-33-33-33 in message
(2) legitimacy of the network equipment checking PC3, PC2.Judge that the MAC Address sent in MAC Address and ARP bag is inconsistent, so the network equipment abandons this arp reply message.
Embodiment 4
The present embodiment is after the IP address of simulation PC3 changes 192.168.1.2 into, the process of IP conflict, and process is as follows:
(1) after PC3 changes IP=192.168.1.2, to Web broadcast ARP message.
(2) legitimacy of network equipment checking PC3.The network equipment finds the respective items that there is 192.168.1.2 from the IP-MAC correspondence table of this locality, finds to there is IP conflict.
(3) network equipment sends IP conflict ARP message to PC3.
Embodiment recited above is only be described the preferred embodiment of the present invention; not scope of the present invention is limited; do not departing under the present invention designs spiritual prerequisite; the various distortion that the common engineers and technicians in this area make technical solution of the present invention and improvement, all should fall in protection range that claims of the present invention determine.

Claims (1)

1. an ARP message management method for equipment Network Based, comprises the steps:
(1) judge whether message is ARP message; If go to step (3), otherwise go to step (13);
(2) judge that whether network layer MAC is consistent with the MAC Address of ARP; If go to step (3); Otherwise go to step (15);
(3) judge whether source IP address exists in IP-MAC correspondence table; If go to step (4), otherwise go to step (6);
(4) judge whether source IP address, source MAC exist in IP-MAC correspondence table; If go to step (5), otherwise go to step (7);
(5) upgrade the life cycle of source IP address and the respective items of source MAC in IP-MAC correspondence table, go to step (8);
(6) increase source IP address and source MAC are to IP-MAC correspondence table, go to step (8);
(7) send the ARP message of IP conflict to source device, go to step (15);
(8) judge it is ARP request message or response message; If request message goes to step (9), otherwise go to step (12);
(9) the IP information whether IP-MAC correspondence table exists inquiry is inquired about; Go to step (10) if existed, otherwise go to step (11);
(10) return arp reply data message, go to step (15);
(11) sent on network by the network equipment or forward corresponding A RP request message, and being recorded to " sending request message Host List ", going to step (15);
(12) whether inquiry exists " sending request message Host List ", if existed, sends or forwards arp reply message, go to step (15) to the equipment in record;
(13) judge that whether message source IP address, source MAC and target ip address, destination-mac address exist in IP-MAC correspondence table; Go to step (14) if existed, otherwise, abandon current Ethernet message and go to step (15);
(14) network equipment forwards Ethernet message;
(15) Ethernet Message processing is terminated.
CN201310360537.4A 2013-08-19 2013-08-19 ARP message management method based on network equipment Pending CN104427004A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310360537.4A CN104427004A (en) 2013-08-19 2013-08-19 ARP message management method based on network equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310360537.4A CN104427004A (en) 2013-08-19 2013-08-19 ARP message management method based on network equipment

Publications (1)

Publication Number Publication Date
CN104427004A true CN104427004A (en) 2015-03-18

Family

ID=52974908

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310360537.4A Pending CN104427004A (en) 2013-08-19 2013-08-19 ARP message management method based on network equipment

Country Status (1)

Country Link
CN (1) CN104427004A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104883410A (en) * 2015-05-21 2015-09-02 深圳颐和网络科技有限公司 Network transmission method and network transmission device
CN106550059A (en) * 2016-10-27 2017-03-29 曙光信息产业(北京)有限公司 A method and device for responding to an ARP request
CN106790745A (en) * 2016-12-02 2017-05-31 互联网域名系统北京市工程研究中心有限公司 A kind of method and system based on IP conflicts and Real-time Alarm in ARP protocol real-time monitoring subnet
CN107295020A (en) * 2017-08-16 2017-10-24 北京新网数码信息技术有限公司 A kind of processing method and processing device of attack of address resolution protocol
CN110401616A (en) * 2018-04-24 2019-11-01 北京码牛科技有限公司 A kind of method and system improving MAC Address and IP address safety and stability
CN110445887A (en) * 2019-08-12 2019-11-12 北京百佑科技有限公司 Repeat IP recognition methods, device and intelligent talk back equipment
CN114629689A (en) * 2022-02-24 2022-06-14 广东电网有限责任公司 IP address fraud identification method and device, computer equipment and storage medium
CN116366608A (en) * 2023-03-09 2023-06-30 武汉大学中南医院 IP address conflict avoidance method, device, equipment and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101014043A (en) * 2007-02-09 2007-08-08 广州市高科通信技术股份有限公司 Method for realizing interworking of VoIP service in a same OLT of EPON
CN101123614A (en) * 2007-09-04 2008-02-13 中兴通讯股份有限公司 A method and communication device for processing address resolution protocol messages
US20090307773A1 (en) * 2003-05-21 2009-12-10 Foundry Networks, Inc. System and method for arp anti-spoofing security
CN102546658A (en) * 2012-02-20 2012-07-04 神州数码网络(北京)有限公司 Method and system for preventing address resolution protocol (ARP) gateway spoofing
CN103209225A (en) * 2013-04-03 2013-07-17 北京邮电大学 Software defined network (SDN) broadcast processing method based on cycle trigger agent

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090307773A1 (en) * 2003-05-21 2009-12-10 Foundry Networks, Inc. System and method for arp anti-spoofing security
CN101014043A (en) * 2007-02-09 2007-08-08 广州市高科通信技术股份有限公司 Method for realizing interworking of VoIP service in a same OLT of EPON
CN101123614A (en) * 2007-09-04 2008-02-13 中兴通讯股份有限公司 A method and communication device for processing address resolution protocol messages
CN102546658A (en) * 2012-02-20 2012-07-04 神州数码网络(北京)有限公司 Method and system for preventing address resolution protocol (ARP) gateway spoofing
CN103209225A (en) * 2013-04-03 2013-07-17 北京邮电大学 Software defined network (SDN) broadcast processing method based on cycle trigger agent

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
郑文兵,李成忠: "ARP欺骗原理及一种防范算法", 《江南大学学报(自然科学版)》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104883410A (en) * 2015-05-21 2015-09-02 深圳颐和网络科技有限公司 Network transmission method and network transmission device
CN104883410B (en) * 2015-05-21 2018-03-02 上海沪景信息科技有限公司 A kind of network transfer method and network transmission device
CN106550059A (en) * 2016-10-27 2017-03-29 曙光信息产业(北京)有限公司 A method and device for responding to an ARP request
CN106790745A (en) * 2016-12-02 2017-05-31 互联网域名系统北京市工程研究中心有限公司 A kind of method and system based on IP conflicts and Real-time Alarm in ARP protocol real-time monitoring subnet
CN107295020A (en) * 2017-08-16 2017-10-24 北京新网数码信息技术有限公司 A kind of processing method and processing device of attack of address resolution protocol
CN110401616A (en) * 2018-04-24 2019-11-01 北京码牛科技有限公司 A kind of method and system improving MAC Address and IP address safety and stability
CN110445887A (en) * 2019-08-12 2019-11-12 北京百佑科技有限公司 Repeat IP recognition methods, device and intelligent talk back equipment
CN114629689A (en) * 2022-02-24 2022-06-14 广东电网有限责任公司 IP address fraud identification method and device, computer equipment and storage medium
CN114629689B (en) * 2022-02-24 2023-10-03 广东电网有限责任公司 IP address fraud identification method, device, computer equipment and storage medium
CN116366608A (en) * 2023-03-09 2023-06-30 武汉大学中南医院 IP address conflict avoidance method, device, equipment and readable storage medium

Similar Documents

Publication Publication Date Title
CN104427004A (en) ARP message management method based on network equipment
CN101179566B (en) Method and apparatus for preventing ARP packet attack
US9083716B1 (en) System and method for detecting address resolution protocol (ARP) spoofing
Ullrich et al. {IPv6} security: Attacks and countermeasures in a nutshell
US20080162516A1 (en) Relay apparatus and communication method
CN102255984B (en) Method and device for verifying ARP (Address Resolution Protocol) request message
US20150117420A1 (en) Communicating with a Distribution System via an Uplink Access Point
CN107682470B (en) Method and device for detecting public network IP availability in NAT address pool
CN102546428A (en) System and method for internet protocol version 6 (IPv6) message switching based on dynamic host configuration protocol for IPv6 (DHCPv6) interception
CN104363243A (en) Method and device for preventing gateway deceit
CN102246495A (en) Method and access node for preventing address conflict
US20080240132A1 (en) Teredo connectivity between clients behind symmetric NATs
CN103026685B (en) Communication control device, communication system
CN102970387A (en) Domain name resolution method, device and system
CN102546429A (en) Method and system for authenticating intra-site automatic tunnel addressing protocol (ISATAP) tunnels based on dynamic host configuration protocol (DHCP) monitoring
CN102546308A (en) Method and system for realizing neighbor discovery proxy based on duplicate address detection (DAD)
CN103402197A (en) Hidden position and path protection method based on IPv6 (Internet Protocol Version 6)
CN104468305B (en) Realize Layer3 Virtual Private Network method and apparatus
CN112714126B (en) Method and system for improving honeypot trapping attack capability in IPv6 address space
CN105721314A (en) Method and equipment for sending data packet
US20050249136A1 (en) Dynamic assignment of station addresses transmitted over shared-communications channels
CN106375489A (en) Processing method and apparatus for MAC address
CN101909041A (en) Method and system for host with IPv4 application to communicate through IPv6 network
CN108337331B (en) Network penetration method, device and system and network connectivity checking method
WO2015184979A1 (en) Methods and devices for processing packet, sending information, and receiving information

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C53 Correction of patent of invention or patent application
CB02 Change of applicant information

Address after: 101400, Huairou District, Beijing Youth Road No. 1, 37, 1 floor

Applicant after: BEIJING HUAIJIAO NETWORK TECHNOLOGY SERVICE CO., LTD.

Address before: 101499 student activities management center, 42 North Street, Huairou District, Beijing 5, 501

Applicant before: BEIJING HUAIJIAO NETWORK TECHNOLOGY SERVICE CO., LTD.

COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 101499 HUAIROU, BEIJING TO: 101400 HUAIROU, BEIJING

DD01 Delivery of document by public notice

Addressee: BEIJING HUAIJIAO NETWORK TECHNOLOGY SERVICE CO., LTD.

Document name: Notification of Passing Examination on Formalities

WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150318