关于ARP攻击的防护措施
<p style="LINE-HEIGHT: 150%;"><font face="宋体"><b><span style="FONT-SIZE: 10.5pt; COLOR: #660000; LINE-HEIGHT: 150%;">关于<span lang="EN-US">ARP</span>攻击的防护措施</span></b><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><p></p></span></font></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">我们首先要知道以太网内主机通信是靠<span lang="EN-US">MAC</span>地址来确定目标的<span lang="EN-US">.arp</span>协议又称<span lang="EN-US">"</span>地址解析协议<span lang="EN-US">",</span>它负责通知电脑要连接的目标的地址<span lang="EN-US">,</span>这里说的地址在以太网中就是<span lang="EN-US">MAC</span>地址<span lang="EN-US">,</span>简单说来就是通过<span lang="EN-US">IP</span>地址来查询目标主机的<span lang="EN-US">MAC</span>地址<span lang="EN-US">.</span>一旦这个环节出错<span lang="EN-US">,</span>我们就不能正常和目标主机进行通信<span lang="EN-US">,</span>甚至使整个网络瘫痪<span lang="EN-US">. <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><font face="宋体"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">ARP</span><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">的攻击主要有以下几种方式<span lang="EN-US"><p></p></span></span></font></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">一<span lang="EN-US">.</span>简单的欺骗攻击<span lang="EN-US">
<p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">这是比较常见的攻击<span lang="EN-US">,</span>通过发送伪造的<span lang="EN-US">ARP</span>包来欺骗路由和目标主机<span lang="EN-US">,</span>让目标主机认为这是一个合法的主机<span lang="EN-US">.</span>便完成了欺骗<span lang="EN-US">.</span>这种欺骗多发生在同一网段内<span lang="EN-US">,</span>因为路由不会把本网段的包向外转发<span lang="EN-US">,</span>当然实现不同网段的攻击也有方法<span lang="EN-US">,</span>便要通过<span lang="EN-US">ICMP</span>协议来告诉路由器重新选择路由<span lang="EN-US">. <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">二<span lang="EN-US">.</span>交换环境的嗅探<span lang="EN-US">
<p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">在最初的小型局域网中我们使用<span lang="EN-US">HUB</span>来进行互连<span lang="EN-US">,</span>这是一种广播的方式<span lang="EN-US">,</span>每个包都会经过网内的每台主机<span lang="EN-US">,</span>通过使用软件<span lang="EN-US">,</span>就可以嗅谈到整个局域网的数据<span lang="EN-US">.</span>现在的网络多是交换环境<span lang="EN-US">,</span>网络内数据的传输被锁定的特定目标<span lang="EN-US">.</span>既已确定的目标通信主机<span lang="EN-US">.</span>在<span lang="EN-US">ARP</span>欺骗的基础之上<span lang="EN-US">,</span>可以把自己的主机伪造成一个中间转发站来监听两台主机之间的通信<span lang="EN-US">. <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">三<span lang="EN-US">.MAC Flooding <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">这是一个比较危险的攻击<span lang="EN-US">,</span>可以溢出交换机的<span lang="EN-US">ARP</span>表<span lang="EN-US">,</span>使整个网络不能正常通信<span lang="EN-US">
<p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">四<span lang="EN-US">.</span>基于<span lang="EN-US">ARP</span>的<span lang="EN-US">DOS <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">这是新出现的一种攻击方式<span lang="EN-US">,D.O.S</span>又称拒绝服务攻击<span lang="EN-US">,</span>当大量的连接请求被发送到一台主机时<span lang="EN-US">,</span>由于主机的处理能力有限<span lang="EN-US">,</span>不能为正常用户提供服务<span lang="EN-US">,</span>便出现拒绝服务<span lang="EN-US">.</span>这个过程中如果使用<span lang="EN-US">ARP</span>来隐藏自己<span lang="EN-US">,</span>在被攻击主机的日志上就不会出现真实的<span lang="EN-US">IP.</span>攻击的同时<span lang="EN-US">,</span>也不会影响到本机<span lang="EN-US">. <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">防护方法<span lang="EN-US">: <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><font face="宋体"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">1.IP+MAC</span><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">访问控制<span lang="EN-US">. <p></p></span></span></font></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">单纯依靠<span lang="EN-US">IP</span>或<span lang="EN-US">MAC</span>来建立信任关系是不安全<span lang="EN-US">,</span>理想的安全关系建立在<span lang="EN-US">IP+MAC</span>的基础上<span lang="EN-US">.</span>这也是我们校园网上网必须绑定<span lang="EN-US">IP</span>和<span lang="EN-US">MAC</span>的原因之一<span lang="EN-US">. <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><font face="宋体"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">2.</span><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">静态<span lang="EN-US">ARP</span>缓存表<span lang="EN-US">. <p></p></span></span></font></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">每台主机都有一个临时存放<span lang="EN-US">IP-MAC</span>的对应表<span lang="EN-US">ARP</span>攻击就通过更改这个缓存来达到欺骗的目的<span lang="EN-US">,</span>使用静态的<span lang="EN-US">ARP</span>来绑定正确的<span lang="EN-US">MAC</span>是一个有效的方法<span lang="EN-US">.</span>在命令行下使用<span lang="EN-US">arp -a</span>可以查看当前的<span lang="EN-US">ARP</span>缓存表<span lang="EN-US">.</span>以下是本机的<span lang="EN-US">ARP</span>表<span lang="EN-US">
<p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">C:\Documents and Settings\cnqing>arp -a <p></p></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">Interface: 210.31.197.81 on Interface 0x1000003 <p></p></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">Internet Address Physical Address Type <p></p></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">210.31.197.94 00-03-6b-7f-ed-02 dynamic <p></p></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">其中<span lang="EN-US">"dynamic" </span>代表动态缓存<span lang="EN-US">,</span>即收到一个相关<span lang="EN-US">ARP</span>包就会修改这项<span lang="EN-US">.</span>如果是个非法的含有不正确的网关的<span lang="EN-US">ARP</span>包<span lang="EN-US">,</span>这个表就会自动更改<span lang="EN-US">.</span>这样我们就不能找到正确的网关<span lang="EN-US">MAC,</span>就不能正常和其他主机通信<span lang="EN-US">.</span>静态表的建立用<span lang="EN-US">ARP -S IP MAC. <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">执行<span lang="EN-US">"arp -s 210.31.197.94 00-03-6b-7f-ed-02"</span>后<span lang="EN-US">,</span>我们再次查看<span lang="EN-US">ARP</span>缓存表<span lang="EN-US">. <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">C:\Documents and Settings\cnqing>arp -a <p></p></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">Interface: 210.31.197.81 on Interface 0x1000003 <p></p></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">Internet Address Physical Address Type <p></p></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">210.31.197.94 00-03-6b-7f-ed-02 static <p></p></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">此时<span lang="EN-US">"TYPE"</span>项变成了<span lang="EN-US">"static",</span>静态类型<span lang="EN-US">.</span>这个状态下<span lang="EN-US">,</span>是不会在接受到<span lang="EN-US">ARP</span>包时改变本地缓存的<span lang="EN-US">.</span>从而有效的防止<span lang="EN-US">ARP</span>攻击<span lang="EN-US">.</span>静态的<span lang="EN-US">ARP</span>条目在每次重启后都要消失需要重新设置<span lang="EN-US">. <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><font face="宋体"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">3.ARP </span><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">高速缓存超时设置<span lang="EN-US">
<p></p></span></span></font></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">在<span lang="EN-US">ARP</span>高速缓存中的表项一般都要设置超时值<span lang="EN-US">,</span>缩短这个这个超时值可以有效的防止<span lang="EN-US">ARP</span>表的溢出<span lang="EN-US">. <p></p></span></font></span></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><font face="宋体"><span lang="EN-US" style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">4.</span><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;">主动查询<span lang="EN-US">
<p></p></span></span></font></p><p style="TEXT-INDENT: 24pt; LINE-HEIGHT: 150%;"><span style="FONT-SIZE: 10.5pt; LINE-HEIGHT: 150%;"><font face="宋体">在某个正常的时刻<span lang="EN-US">,</span>做一个<span lang="EN-US">IP</span>和<span lang="EN-US">MAC</span>对应的数据库<span lang="EN-US">,</span>以后定期检查当前的<span lang="EN-US">IP</span>和<span lang="EN-US">MAC</span>对应关系是否正常<span lang="EN-US">.</span>定期检测交换机的流量列表<span lang="EN-US">,</span>查看丢包率<span lang="EN-US">. <p></p></span></font></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; LINE-HEIGHT: 150%; mso-char-indent-count: 2.0;"><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">ARP</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">本身不会造成多大的危害</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">,</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">但是一旦被结合利用</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">,</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">其危险性就不可估量了</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">.</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">由于</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">ARP</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">本身的问题</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">.</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">使得防范</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">ARP</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">的攻击很棘手</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">,</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">经常查看当前的网络状态</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">,</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">监控流量对一个网管员来说是个很好的习惯,如果网吧的路由器本身不能够支持</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">ARP</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">防御功能,可以选择一台具有</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">ARP</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">防范功能的欣联路由器,从而彻底解决</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman">ARP</font></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-ascii-font-family: "Times New Roman"; mso-hansi-font-family: "Times New Roman";">问题。</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; LINE-HEIGHT: 150%; mso-char-indent-count: 2.0;"><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><font face="Times New Roman"><span style="mso-spacerun: yes;"> </span><p></p></font></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt; LINE-HEIGHT: 150%;"><b style="mso-bidi-font-weight: normal;"><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">欣联路由器对</span></b><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">ARP</span></b><b style="mso-bidi-font-weight: normal;"><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">的病毒防御主要通过以下几种手段解决:</span></b><b style="mso-bidi-font-weight: normal;"><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;"><p></p></span></b></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt 36pt; TEXT-INDENT: -18pt; LINE-HEIGHT: 150%; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt;"><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt; mso-fareast-font-family: Arial;"><span style="mso-list: Ignore;">1、<span style="FONT: 7pt "Times New Roman";">
</span></span></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">主动广播正确的网关地址,有很多路由器一接到网络上,就无法正常访问,这种情况一般是因为内网中有一台机器在伪造网关,不信的向内网其他机器发送虚假网关信息,欣联的路由器支持广播正确网关地址的功能,只需勾取此功能,即可对以上第一种</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">ARP</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">欺骗进行防范。</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt 36pt; TEXT-INDENT: -18pt; LINE-HEIGHT: 150%; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt;"><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt; mso-fareast-font-family: "Times New Roman";"><span style="mso-list: Ignore;"><font face="Times New Roman">2、<span style="FONT: 7pt "Times New Roman";"> </span></font></span></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">提供</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">IP</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">地址和</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">MAC</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">地址双向绑定的功能,双向绑定能够彻底解决</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">ARP</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">病毒欺骗的问题。目前在市面上宣传有此功能的厂家不少,但是在实际测试过程中发现一般有以下几个问题:</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt 71.25pt; TEXT-INDENT: -32.25pt; LINE-HEIGHT: 150%; mso-list: l0 level2 lfo1; tab-stops: list 71.25pt;"><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt; mso-fareast-font-family: Arial;"><span style="mso-list: Ignore;">1)<span style="FONT: 7pt "Times New Roman";"> </span></span></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">有些品牌的路由器不提供自动扫描功能,这样需使用其他软件扫描后,再将对应的</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">IP</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">/</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">MAC</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">绑定表复制到路由器中,操作起来非常麻烦,且容易出错,一般人员无法进行。</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt 71.25pt; TEXT-INDENT: -32.25pt; LINE-HEIGHT: 150%; mso-list: l0 level2 lfo1; tab-stops: list 71.25pt;"><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt; mso-fareast-font-family: "Times New Roman";"><span style="mso-list: Ignore;"><font face="Times New Roman">2)<span style="FONT: 7pt "Times New Roman";"> </span></font></span></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">有些品牌的路由器产品虽然提供了自动扫描功能,但其对所扫描的</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">MAC</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">地址不做判断,导致所扫描出来的</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">MAC</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">地址本身就有很多是重复的,同样解决不了</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">ARP</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">欺骗的问题。</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt 71.25pt; TEXT-INDENT: -32.25pt; LINE-HEIGHT: 150%; mso-list: l0 level2 lfo1; tab-stops: list 71.25pt;"><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt; mso-fareast-font-family: "Times New Roman";"><span style="mso-list: Ignore;"><font face="Times New Roman">3)<span style="FONT: 7pt "Times New Roman";"> </span></font></span></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">一般的路由器在做双向绑定到</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">100</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">条左右路由器就会崩溃,出现频繁的掉线,重启等现象,这是因为软件算法不同造成的,而欣联的路由器在实际工作中绑定了</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">300</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">条以上照样非常稳定的工作。</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt 36pt; TEXT-INDENT: -18pt; LINE-HEIGHT: 150%; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt;"><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt; mso-fareast-font-family: "Times New Roman";"><span style="mso-list: Ignore;"><font face="Times New Roman">3、<span style="FONT: 7pt "Times New Roman";"> </span></font></span></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">病毒隔离功能。常见的宽带路由器并无此防范功能,欣联的</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">“</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">病毒隔离</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">”</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">智能将内网</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">“</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">中毒</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">”</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">主机自动进行隔离免疫,有效的防止</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">“</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">一台机器中毒,整个网络遭殃</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">”</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">的局面出现。</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt 36pt; TEXT-INDENT: -18pt; LINE-HEIGHT: 150%; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt;"><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt; mso-fareast-font-family: "Times New Roman";"><span style="mso-list: Ignore;"><font face="Times New Roman">4、<span style="FONT: 7pt "Times New Roman";"> </span></font></span></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">内网广播风暴抑制,</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">synFlooding</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">,</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">UDPFlooding</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">的防御,外网的</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">synFlooding</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">、</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">DDOS</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">攻击防御</span><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt 36pt; TEXT-INDENT: -18pt; LINE-HEIGHT: 150%; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt;"><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt; mso-fareast-font-family: Arial;"><span style="mso-list: Ignore;">5、<span style="FONT: 7pt "Times New Roman";">
</span></span></span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">使用欣联的路由器,支持自动扫描,并且能够对扫描的</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">MAC</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">地址进行判断,不会出现误扫的情况,因为欣联软件算法优秀,在实际使用过程中,绑定到</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">300</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">个以上的</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">IP</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">/</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">MAC</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">地址,同时做了</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">300</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">个以上的主机流控,仍然非常稳定的运行。</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; LINE-HEIGHT: 150%; mso-char-indent-count: 2.0;"><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;"><p> </p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt; TEXT-INDENT: 21pt; LINE-HEIGHT: 150%; mso-char-indent-count: 2.0;"><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">综上所述,使用欣联的路由器,能够完全彻底的解决因为</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;">ARP</span><span style="LINE-HEIGHT: 150%; FONT-FAMILY: 宋体; mso-bidi-font-size: 10.5pt; mso-bidi-font-family: Arial; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial;">问题所带来的“掉线”问题。</span><span lang="EN-US" style="LINE-HEIGHT: 150%; FONT-FAMILY: Arial; mso-bidi-font-size: 10.5pt;"><p></p></span></p><p class="MsoNormal" style="MARGIN: 0cm 0cm 0pt; LINE-HEIGHT: 150%;"><span lang="EN-US" style="LINE-HEIGHT: 150%; mso-bidi-font-size: 10.5pt;"><p><font face="Times New Roman"> </font></p></span></p>
页:
[1]