ARP欺骗
<div><br></div><div><div><font class="Apple-style-span" face="arial, 宋体, sans-serif"><span class="Apple-style-span" style="line-height: 24px; "><span class="Apple-style-span" style="font-family: Arial; line-height: 22px; font-weight: bold; "><span class="Apple-style-span" style="font-size: large; "><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; font-size: 14px; "> <font class="Apple-style-span" color="#F000F0"><span class="Apple-style-span" style="font-size: large; ">1) 什么是ARP欺骗?</span></font></span></span></span></span></font></div><div><font class="Apple-style-span" face="arial, 宋体, sans-serif"><span class="Apple-style-span" style="line-height: 24px; "><span class="Apple-style-span" style="font-family: Arial; line-height: 22px; font-weight: bold; "><span class="Apple-style-span" style="font-size: large; "><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; font-size: 14px; "><font class="Apple-style-span" color="#F000F0"><span class="Apple-style-span" style="font-size: large; "></span></font> 在局域网中,黑客经过收到ARP Request广播包,能够偷听到其它节点的 (IP, MAC) 地址, 黑客就伪装为A,告诉B (受害者) 一个假地址,使得B在发送给A 的数据包都被黑客截取,而A, B 浑然不知。</span></span></span></span></font></div><div><font class="Apple-style-span" face="arial, 宋体, sans-serif"><span class="Apple-style-span" style="line-height: 24px; "><span class="Apple-style-span" style="font-family: Arial; line-height: 22px; font-weight: bold; "><span class="Apple-style-span" style="font-size: large; "><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; font-size: 14px; "> </span></span></span></span></font></div><div><font class="Apple-style-span" face="arial, 宋体, sans-serif"><span class="Apple-style-span" style="line-height: 24px; "><span class="Apple-style-span" style="font-family: Arial; line-height: 22px; font-weight: bold; "><span class="Apple-style-span" style="font-size: large; "><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; font-size: 14px; "> </span><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; "><font class="Apple-style-span" color="#F000F0"> 2) 为什么黑客能够进行ARP欺骗?</font></span></span></span></span></font></div><div><font class="Apple-style-span" face="arial, 宋体, sans-serif"><span class="Apple-style-span" style="line-height: 24px; "><span class="Apple-style-span" style="font-family: Arial; line-height: 22px; font-weight: bold; "><span class="Apple-style-span" style="font-size: large; "><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; "><font class="Apple-style-span" color="#F000F0"></font></span><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; font-size: 14px; "> ARP 是个早期的网络协议,RFC826在 1980就出版了。早期的互联网采取的是信任模式,在科研、大学内部使用,追求功能、速度,没考虑网络安全。尤其以太网的洪泛特点,能够很方便的用来查询。但这也为日后的黑客开了方便之门。黑客只要在局域网内阅读送上门来的ARP Request就能偷听到网内所有的 (IP, MAC)地址。而节点收到ARP Reply时,也不会质疑。黑客很容易冒充他人</span></span></span></span></font></div><div><font class="Apple-style-span" face="arial, 宋体, sans-serif"><span class="Apple-style-span" style="line-height: 24px; "><span class="Apple-style-span" style="font-family: Arial; line-height: 22px; font-weight: bold; "><span class="Apple-style-span" style="font-size: large; "><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; font-size: 14px; "><br></span></span></span></span></font></div><div><font class="Apple-style-span" face="arial, 宋体, sans-serif"><span class="Apple-style-span" style="line-height: 24px; "><span class="Apple-style-span" style="font-family: Arial; line-height: 22px; font-weight: bold; "><span class="Apple-style-span" style="font-size: large; "><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; font-size: 14px; "> </span><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; "><font class="Apple-style-span" color="#F000F0"> 3) 能够防止欺骗吗?</font></span></span></span></span></font></div><div><font class="Apple-style-span" face="arial, 宋体, sans-serif"><span class="Apple-style-span" style="line-height: 24px; "><span class="Apple-style-span" style="font-family: Arial; line-height: 22px; font-weight: bold; "><span class="Apple-style-span" style="font-size: large; "><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; font-size: 14px; "> 不能。但这种伤害的伤害已经很小。因为局域网的工作环境有了改变, 服务器通常不会和终端主机在同一个局域网。</span></span></span></span></font></div><div><font class="Apple-style-span" face="arial, 宋体, sans-serif"><span class="Apple-style-span" style="line-height: 24px; "><span class="Apple-style-span" style="font-family: Arial; line-height: 22px; font-weight: bold; "><span class="Apple-style-span" style="font-size: large; "><span class="Apple-style-span" style="font-family: arial, 宋体, sans-serif; font-weight: normal; line-height: 24px; font-size: 14px; "> </span></span></span></span></font></div></div>
页:
[1]