1 / 13

ARP Spoofing - ARP 攻擊 -

ARP Spoofing - ARP 攻擊 -. 報告者 A0963328 洪靖雅. 報告大綱. 何謂 ARP 、 RARP ARP 運作方式 ARP Spoofing 防止 ARP 攻擊的方法. 何謂 ARP 、 RARP. ARP(Address Resolution Protocol) 位址轉換協定 僅能在區域網路內使用 用 IP 找 MAC RARP( 反向 ARP) 反向位址轉換協議 用 MAC 找 IP Strange :像人不知道自己的名字. ARP 運作方式. 廣播 (ARP request) :誰是 192.168.0.2?

iain
Download Presentation

ARP Spoofing - ARP 攻擊 -

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ARP Spoofing-ARP 攻擊- 報告者 A0963328 洪靖雅

  2. 報告大綱 • 何謂ARP、RARP • ARP運作方式 • ARP Spoofing • 防止ARP攻擊的方法

  3. 何謂ARP、RARP • ARP(Address Resolution Protocol) • 位址轉換協定 • 僅能在區域網路內使用 • 用IP找MAC • RARP(反向ARP) • 反向位址轉換協議 • 用MAC找IP Strange:像人不知道自己的名字

  4. ARP運作方式 廣播(ARP request):誰是192.168.0.2? 請告訴我,我是Gateway。 • 由 ARP request (ARP 查詢) 與 ARP reply (ARP 回應) 兩種封包組成 回應(ARP reply): 我是192.168.0.2 我記住你是Gateway了! 正牌Gateway

  5. ARP Spoofing 廣播(ARP request):誰是192.168.0.2? 請告訴我,我是Gateway。 回應(ARP reply): 我是192.168.0.2 我記住你是Gateway了! 正牌Gateway

  6. ARP Spoofing 這裡是MAC A 我的IP是 192.168.0.2 知道了! 增加MAC A到ARP table MAC A IP192.168.0.2 Router 普通HUB MAC R IP192.168.0.1 ARP table-Router MAC IP A 192.168.0.2 MAC B IP192.168.0.3 ARP table-PC B MAC IP A 192.168.0.2

  7. ARP Spoofing 收到資料! 192.168.0.2的資料傳到MAC A MAC A IP192.168.0.2 ARP table-PC A MAC IP R 192.168.0.1 Router 普通HUB MAC R IP192.168.0.1 ARP table-Router MAC IP A 192.168.0.2 MAC B IP192.168.0.3 ARP table-PC B MAC IP A 192.168.0.2

  8. ARP Spoofing MAC A IP192.168.0.2 ARP table-PC A MAC IP R 192.168.0.1 B 192.168.0.3 Router 普通HUB MAC R IP192.168.0.1 ARP table-Router MAC IP A 192.168.0.2 B 192.168.0.3 MAC B IP192.168.0.3 這裡是B,網域裡有誰? ARP table-PC B MAC IP A 192.168.0.2

  9. ARP Spoofing 這是MAC A, IP是192.168.0.2 這是MAC R, IP是192.168.0.1 MAC A IP192.168.0.2 ARP table-PC A MAC IP R 192.168.0.1 B 192.168.0.3 Router 普通HUB MAC R IP192.168.0.1 ARP table-Router MAC IP A 192.168.0.2 B 192.168.0.3 MAC B IP192.168.0.3 ARP table-PC B MAC IP A 192.168.0.2 R 192.168.0.1

  10. ARP Spoofing 更新ARP table 更新ARP table MAC A IP192.168.0.2 ARP table-PC A MAC IP R 192.168.0.1 B 192.168.0.3 B 192.168.0.1 Router 普通HUB MAC R IP192.168.0.1 Router的假位址在MAC B ARP table-Router MAC IP A 192.168.0.2 B 192.168.0.3 B 192.168.0.2 MAC B IP192.168.0.3 電腦A的假位址在MAC B ARP table-PC B MAC IP A 192.168.0.2 R 192.168.0.1

  11. ARP Spoofing 將資料傳到Router (MAC B) 192.168.0.2的資料傳到MAC B MAC A IP192.168.0.2 ARP table-PC A MAC IP R 192.168.0.1 B 192.168.0.3 B 192.168.0.1 Router 普通HUB MAC R IP192.168.0.1 ARP table-Router MAC IP A 192.168.0.2 B 192.168.0.3 B 192.168.0.2 MAC B IP192.168.0.3 ARP table-PC B MAC IP A 192.168.0.2 R 192.168.0.1

  12. 防止ARP攻擊的方法 • 控管MAC address • 將MAC address與IP綁定,不允許更改 • 加裝VLAN Switch • 網域內的用戶端只會看到Router

  13. The End. Thanks for your attention.

More Related