ARP欺骗监控系统的设计与实现本科毕业论文.doc

摘 要 网络的迅速发展,给人类生活带来,但也对网络安全提出了更高要求。对网络协议分析。ARP协议是TCP/IP协议中重要的一员,其功能主要是为局域网内网络设备提供IP地址向硬件地址的转化,其设计建立在局域网内网络设备之间相互信任的基础上,由此产生了许多ARP欺骗攻击方法。本文ARP协议为基本原理,以防御ARP欺骗、提高网络安全为首先,在对TCP/IP参考模型、等相关理论学习基础上,重点分析了ARP协议的运行机制,包括ARP缓存、ARP帧格式、ARP请求和应答的运行过程等。其次,分析了ARP欺骗原理ARP欺骗就是通过向目标主机发送一个伪造的IP-MAC映射信息的ARP应答报文,根据Windows系统在更新ARP缓存中IP地址和MAC地址映射信息时不检验更新内容可靠性的,提出了一种基于服务器客户端的ARP欺骗防御模型,以达局域网中实现各主机防御ARP欺骗的目的。本软件Visual C++6.0作为开发工具，采用Winpcap（Windows Packet Capture）进行网络监视Visual C++ 6.0 ；监控 ；Protect；服务器 ；客户端 Abstract The rapid development of the network, to human life, but also bring convenience to network security raised taller requirement. The need for further analysis of network protocols, it can be more effective application of security protocols. ARP protocol is TCP / IP protocol an important one, and its main function is to provide network equipment for the LAN IP address to hardware address (MAC address) of the conversion, its design based on the local area network equipment based on mutual trust between the For non-trusted device is not considered, so lots of ARP spoofing attack method. In this paper, the basic principle of ARP protocol to guard against ARP cheating, improve network security purposes. First of all, in the TCP / IP reference model, ARP protocol and other related theoretical study, based on ARP protocol analyzed the operation of mechanisms, including ARP cache, ARP frame format, ARP request and response operation processes. Secondly, the analysis of the principle of ARP deception, ARP deception is through to the target host to send a fake IP-MAC mapping contains information on ARP response packet to achieve. Finally, under Windows system ARP cache updating the IP address and MAC address mapping information when the update does not test the reliability of the characteristics of Neirong, a server-based client ARP deception defense model in order to achieve LAN ARP cheating achievement of the host defense purposes. The software uses the Visual C + +6.0 as development tools,