Using two methods to solve the security problem of IP theft in the LAN

IP is the abbreviation of English Internet Protocol (Internet Protocol). The Chinese abbreviation is “Network Association”, which is the computer network. A protocol designed to communicate with each other. In the Internet, it is a set of rules that enable all computer networks connected to the network to communicate with one another, defining the rules that computers should follow when communicating over the Internet. Few people know, not to mention ip stolen.

A lot of people don't know, in fact, IP is stolen because the thief uses an unauthorized IP to configure the computer on the Internet. At present, IP piracy is very common, and many “lawless people” use the act of stealing addresses to avoid tracking and hiding their identity. IP piracy violates the rights of normal users of the network and has a huge negative impact on network security and the normal operation of the network. Here are some ways to introduce ip stolen and ways to prevent theft. If you understand both of these aspects, I believe you can easily prevent ip from being stolen.

I. IP address theft method Analysis

There are many ways to steal IP addresses. The common methods are as follows:

1. Statically modify IP address

For any TCP/IP implementation In other words, the IP address is a mandatory option for its user configuration. If the user configures TCP/IP or modifies the TCP/IP configuration, instead of using the IP address assigned by the authority, IP address theft is formed. Since the IP address is a logical address and is a value that needs to be set by the user, it is impossible to restrict the static modification of the IP address by the user unless a DHCP server is used to allocate the IP address, but it brings other management problems.

2, modify the IP-MAC address in pairs

For the problem of statically modifying the IP address, many units now use static routing technology to solve it. For the static routing technology, IP piracy technology has a new development, that is, the IP-MAC address is modified in pairs. The MAC address is the hardware address of the device. For our commonly used Ethernet, it is commonly known as the computer network card address. The MAC address of each network card must be unique among all Ethernet devices. It is assigned by the IEEE and is fixed on the network card. Generally, it cannot be modified at will. However, for some compatible network cards, the MAC address can be modified using the network card configuration program. If you change the IP address and MAC address of one computer to the IP address and MAC address of another legitimate host, static routing technology can't do anything about it.

In addition, for those network cards whose MAC addresses cannot be directly modified, the user can also modify the MAC address by means of software, that is, by modifying the underlying network software to achieve the purpose of deceiving the upper layer network software.

3, dynamically modify the IP address

For some hackers, write programs directly on the network to send and receive data packets, bypass the upper layer network software, dynamically modify their own IP address (or IP - MAC address pair), achieving IP spoofing is not a very difficult thing. Previous12Next page Total 2 pages