Giao TH C ARP

Bao cao Mang va truyn thng
GVHD: ng Trung Thanh
MUC LUC
Nhom 12
Trang 1
Bao cao Mang va truyn thng I. Gii thiu v giao thc phn gii a ch ( ARP )
1.
Tng quan v giao thc phn gii a ch:
Ti tng Network ca m hnh OSI , chng ta thng s dng cc loi a ch mang tnh cht quy c nh IP, IPX Cc a ch ny c phn thnh hai phn ring bit l phn a ch mng (NetID) v phn a ch my ( HostID) . Cch nh s a ch nh vy nhm gip cho vic tm ra cc ng kt ni t h thng mng ny sang h thng mng khc c d dng hn. Cc a ch ny c th c thay i theo ty ngi s dng. Trn thc t, cc card mng (NIC) ch c th kt ni vi nhau theo a ch MAC, a ch c nh v duy nht ca phn cng. Do vy ta phi c mt c ch chuyn i cc dng a ch ny qua li vi nhau. C hai phng php phn gii a ch l : map trc tip v phn gii ng. Vic map trc tip gp nhiu kh khn do a ch MAC (lp datalink) l a ch 48 bit trong khi a ch IP l 32 bit. Bn cnh cc nh pht trin mun to ra mt c ch linh hot trong s dng, t giao thc ARP ( Address Resolution Protocol ) ra i. ARP l phng thc phn gii a ch ng gia a ch lp network v a ch lp datalink. Qu trnh thc hin bng cch: mt thit b IP trong mng gi mt gi tin broadcast n ton mng yu cu thit b khc gi tr li a ch phn cng ( a ch lp datalink ) ca mnh. Ban u ARP ch c s dng trong mng Ethernet phn gii a ch IP v a ch MAC. Nhng ngy nay ARP c ng dng rng ri v dng trong cc cng ngh khc da trn lp hai. 2. Cu trc gi tin ARP Cc a ch Giao thc quyt nh s dng mt nh dng thng ip n gin c cha mt trong nhng yu cu phn gii a ch hoc phn ng. Kch thc ca tin nhn ARP ph thuc vo cc lp trn v kch thc lp a ch thp hn, c a ra bi cc loi hnh giao thc mng (thng l IPv4) trong s dng v loi phn cng hoc cc lp lin kt o rng cc giao thc lp trn l chy trn. Cc tiu tin nhn xc nh cc loi, cng nh kch thc ca cc a ch ca mi. Cc tiu tin c hon thnh vi m hot ng cho yu cu (1) v tr li (2). Cc ti trng ca gi bao gm bn a ch, phn cng v a ch giao thc ca ngi gi v ngi nhn host. Cu trc gi d liu ch yu ca cc gi tin ARP c hin th trong bng sau minh ho trng hp ca mng IPv4 ang chy trn Ethernet. Trong kch bn ny,
Nhom 12
Trang 2
gi c 48-bit cho cc lnh vc phn cng a ch ngi gi (SHA) v a ch phn cng mc tiu (THA), v 32-bit, cc lnh vc cho ngi gi v a ch giao thc tng ng vi mc tiu (SPA v TPA). Nh vy, kch thc gi ARP trong trng hp ny l 28 byte.
Trong :phn cng kiu (HTYPE) Trng ny xc nh loi giao thc Link Layer. V d: Ethernet l 1. Ngh nh th kiu (PTYPE) Trng ny xc nh giao thc lp trn m cc yu cu ARP l d nh. V d, Internet Protocol (IPv4) c m ha nh l 0x0800. Phn cng chiu di (HLEN) Chiu di (trong octet) ca mt a ch phn cng. Ethernet a ch kch thc l 6. Ngh nh th di (PLEN) Chiu di (trong octet) ca mt a ch hp l ca giao thc c ch nh (x. PTYPE). Kch thc a ch IPv4 l 4. Hot ng Xc nh cc hot ng m ngi gi l thc hin: 1 cho yu cu, 2 tr li.Tn ngi gi a ch phn cng (SHA) Phn cng (MAC) a ch ca ngi gi. Tn ngi gi a ch giao thc (SPA) Thng tng giao thc a ch ca ngi gi. Nhm mc tiu a ch phn cng (THA) Phn cng, a ch ca ngi nhn nh. Trng ny b b qua trong yu cu. Nhm mc tiu a
Nhom 12
Trang 3
ch giao thc (TPA) Thng tng giao thc a ch ca ngi nhn nh. Giao thc ARP gi tr tham s c chun ha v c duy tr bi IANA [3]. 3. C ch hot ng ca ARP Qu trnh thc hin ARP c bt u khi mt thit b ngun trong mt mng IP c nhu cu gi mt gi tin IP. Trc ht thit b phi xc nh xem a ch IP ch ca gi tin c phi nm cng trong mng ni b ca mnh hay khng. Nu ng vy th thit b s gi trc tip gi tin n thit b ch. Nu a ch IP ch nm trn mng khc, th thit b s gi gi tin n mt trong cc router nm cng trn mng ni b router ny lm nhim v forward gi tin. C hai trng hp ta u thy c l thit b phi gi tin IP n mt thit b IP khc trn cng mng ni b. Ta bit rng vic gi gi tin trong cng mng thng qua Switch l da vo a ch MAC hay a ch phn cng ca thit b. Sau khi gi tin oc ng gi th mi bt u c chuyn qua qu trnh phn gii a ch ARP v c chuyn i ARP v c bn l mt qu trnh 2 chiu request/response gia cc thit b trong cng mng ni b. Thit b ngun request bng cch gi mt bn tin broadcast trn ton mng. Thit b ch response bng mt bn tin unicast n thit b ngun
Cc loi bn tin ARP
C hai dng bn tin trong ARP : mt c gi t ngun n ch, v mt c gi t ch n ngun. Request : Khi to qu trnh, gi tin c gi t thit b ngun ti thit b ch Reply : L qu trnh p tr gi tin ARP request, c gi t my ch n my ngun C 4 loi a ch trong mt bn tin ARP : Sender Hardware Address : a ch lp hai ca thit b gi bn tin. Sender Protocol Address : a ch lp ba ( hay a ch logic ) ca thit b gi bn tin Target Hardware Address : a ch lp hai ( a ch phn cng ) ca thit b ch ca bn tin Target Protocol Address : a ch lp ba ( hay a ch logic ) ca thit b ch ca bn tin. Cc bc hot ng ca Arp
Nhom 12
Trang 4
Bc 1: Source Device Checks Cache : Trong bc ny, thit b s kim tra cache ( b m ) ca mnh. Nu c a ch IP ch tng ng vi MAC no ri th lp tc chuyn ln bc 9 Bc 2: . Source Device Generates ARP Request Message : Bt u khi to gi tin ARP Request vi cc trng a ch nh trn Bc 3: Source Device Broadcasts ARP Request Message : Thit b ngun qung b gi tin ARP Request trn ton mng Bc 4: Local Devices Process ARP Request Message: Cc thit b trong mng u nhn c gi tin ARP Request. Gi tin c x l bng cch cc thit b u nhn vo trng a ch Target Protocol Address. Nu trng vi a ch ca mnh th tip tc x l, nu khng th hy gi tin Bc 5: Destination Device Generates ARP Reply Message : Thit b vi IP trng vi IP trong trng Target Protocol Address s bt u qu trnh khi to gi tin ARP Reply bng cch ly cc trng Sender Hardware Address v Sender Protocol Address trong gi tin ARP nhn c a vo lm Target trong gi tin gi i. ng thi thit b s ly a ch datalink ca mnh a vo trng Sender Hardware Address. Bc 6 : Destination Device Updates ARP Cache : Thit b ch ( thit b khi to gi tin ARP Reply ) ng thi cp nht bng nh x a ch IP v MAC ca thit b ngun vo bng ARP cache ca mnh gim bt thi gian x l cho cc ln sau Bc 7: Destination Device Sends ARP Reply Message : Thit b ch bt u gi gi tin Reply c khi to n thit b ngun. Gi tin reply l gi tin gi unicast. Bc 8: Source Device Processes ARP Reply Message : Thit b ngun nhn c gi tin reply v x l bng cch lu trng Sender Hardware Address trong gi reply nh a ch phn cng ca thit b ch Bc 9: Source Device Updates ARP Cache : Thit b ngun update vo ARP cache ca mnh gi tr tng ng gia a ch network v a ch datalink ca thit b ch. M t qu trnh hot ng:
Nhom 12
Trang 5
ARP: Address Resolution Protocol
Nhom 12
Trang 6
C ch RARP: C ch phn gii a ch MAC tm a ch IP
Nhom 12
Trang 7
Bao cao Mang va truyn thng ARP table in host
Nhom 12
Trang 8
C ch hot ng ca ARP table
ARP request
Nhom 12
Trang 9
Kim tra v so snh a ch IP
ARP Reply
Nhom 12
Trang 10
Cp nht a ch MAC vo ARP table
Nhom 12
Trang 11
Bao cao Mang va truyn thng ARP: Local Destination
4.
Nguyn tc lm vic ca ARP trn mng Lan
Khi mt thit b mng mun bit a ch MAC ca mt thit b mng no m n bit a ch tng network (IP, IPX) n s gi mt ARP request bao gm a ch MAC address ca n v a ch IP ca thit b m n cn bit MAC address trn ton b mt min broadcast. Mi mt thit b nhn c request ny s so snh a ch IP trong request vi a ch tng network ca mnh. Nu trng a ch th thit b phi gi ngc li cho thit b gi ARP request mt gi tin (trong c cha a ch MAC ca mnh). Trong mt h thng mng n gin, v d nh PC A mun gi gi tin n PC B v n ch bit c a ch IP ca PC B. Khi PC A s phi gi
Nhom 12
Trang 12
mt ARP broadcast cho ton mng hi xem "a ch MAC ca PC c a ch IP ny l g ?" Khi PC B nhn c broadcast ny, n s so snh a ch IP trong gi tin ny vi a ch IP ca n. Nhn thy a ch l a ch ca mnh, PC B s gi li mt gi tin cho PC A trong c cha a ch MAC ca B. Sau PC A mi bt u truyn gi tin cho B. 5. Nguyn tc lm vic ca ARP trn h thng mng Hot ng ca ARP trong mt mi trng phc tp hn l hai h thng mng gn vi nhau thng qua mt Router C. My A thuc mng A mun gi gi tin n my B thuc mng B. Do cc broadcast khng th truyn qua Router nn khi my A s xem Router C nh mt cu ni hay mt trung gian (Agent) truyn d liu. Trc , my A s bit c a ch IP ca Router C (a ch Gateway) v bit c rng truyn gi tin ti B phi i qua C. Tt c cc thng tin nh vy s c cha trong mt bng gi l bng nh tuyn (routing table). Bng nh tuyn theo c ch ny c lu gi trong mi my. Bng nh tuyn cha thng tin v cc Gateway truy cp vo mt h thng mng no . V d trong trng hp trn trong bng s ch ra rng i ti LAN B phi qua port X ca Router C. Bng nh tuyn s c cha a ch IP ca port X.Qu trnh truyn d liu theo tng bc sau : * My A gi mt ARP request (broadcast) tm a ch MAC ca port X. * Router C tr li, cung cp cho my A a ch MAC ca port X. * My A truyn gi tin n port X ca Router. * Router nhn c gi tin t my A, chuyn gi tin ra port Y ca Router. Trong gi tin c cha a ch IP ca my B. Router s gi ARP request tm a ch MAC ca my B. * My B s tr li cho Router bit a ch MAC ca mnh. Sau khi nhn c a ch MAC ca my B, Router C gi gi tin ca A n B. Trn thc t ngoi dng bng nh tuyn ny ngi ta cn dng phng php proxyARP, trong c mt thit b m nhn nhim v phn gii a ch cho tt c cc thit b khc.Theo cc my trm khng cn gi bng nh tuyn na Router C s c nhim v thc hin, tr li tt c cc ARP request ca tt c cc my . 6. Proxy ARP
Nhom 12
Trang 13
Proxy ARP gip cc my tnh t 1 subnet chuyn packet n cc subnet khc m khng cn cu hnh routing hay default gateway - Cch thc lm vic ca ARP Host A mun send packet n host D (2 subnet khc nhau). V d, ta c host A c 16 subnet mask, ngha l host A ngh rng n trc tip ni vi cc net 172.16.0.0, khi host A cn lin lc vi nhng thit b no m n tin rng l n ang kt ni trc tip ti, n gi 1 ARP request. V th host A ngh rng host D ni trc tip vi n, n gi 1 ARP request ti host D. Host A broadcast 1 ARP request trn subnet A: Gi tin ARP yu cu sau c ng gi trong 1 khung Ethernet vi MAC ca host A l source address ( a ch ngun), v 1 broadcast FFFF.FFFF.FFFF nh l destination address ( i ch ch). V ARP yu cu l broadcast, n i ti tt c cc nodes khc, k c interface e0 ca router, nhng khng n c D (v default th routers ko forward cc broadcasts). V router bit a ch ch 172.16.20.200 l trn subnet khc v c th ti host D, n tr li cho host A a ch MAC ca ring n. y l 1 tr li proxy ARP m router gi cho host A. Proxy ARP reply packet c ng gi trong 1 Ethernet frame vi MAC ca router l source address v MAC ca A l dest. AddressHost A update ARP table ca n: T gi, host A chuyn cc packet n mun gi ti host D n MAC address ca router, v router bit ng n host D, n s forward packet n host D gim. Ni rng ra, ARP cache trn cc hosts trong subnet A c gn MAC ca router khi mun n cc hosts trong subnet B ARP cache ca host A:Khi nhiu IP addresses c nh x ti 1 single MAC address (MAC ca router), s cho ta bit l proxy ARP ang c s dng Interface ca Cisco c cu hnh s dng proxy ARP theo mc nh. i vi interface ni vi ISP, th khng c dng proxy ARP (dng lnh no ip proxy-arp). Proxy ARP c th c disabled trn mi interface: dng proxy ARP trn 1 interface th dng lnh ip proxy-arp u im ca proxy ARP: - C th c thm vo 1 single router trn 1 mng m ko lm nh hng routing tables ca cc routers khc trn mng - Proxy ARP phi c dng trn mng m cc IP hosts ko c cu hnh default
Nhom 12
Trang 14
Bao cao Mang va truyn thng gateway hoc ko c bt c hiu bit no v routing Nhc im ca proxy ARP: - Gia tng lng giao thng ARP
- Hosts cn bng ARP ln hn handle IP-to-MAC address mappings - Ko hot ng vi cc mng m ko s dng ARP phn gii a ch - Ko tng qut ha cho cc m hnh mng. V d nh hn 1 router kt ni 2 mng vt l (nh vy bit chn router no?) - Security s b lm yu. Mt my c th gi mo l my khc ly packets (gi l spoofing)
7.
B nh m
ARP l mt giao thc phn gii a ch ng. Qu trnh gi gi tin Request v Reply s tiu tn bng thng mng. Chnh v vy cng hn ch ti a vic gi gi tin Request v Reply s cng gp phn lm tng kh nng hat ng ca mng.T sinh ra nhu cu ca ARP CachingStatic and Dynamic ARP Cache EntriesARP Cache c dng ging nh mt bng tng ng gia a ch hardware v a ch IP. C hai cch a cc thnh phn tng ng vo bng ARP : Static ARP Cache Entries: y l cch m cc thnh phn tng ng trong bng ARP c a vo ln lt bi ngi qun tr. Cng vic c tin hnh mt cch th cng Dynamic ARP Cache Entries: y l qu trnh m cc thnh phn a ch hardware/IP c a vo ARP cache mt cch hon ton t ng bng phn mm sau khi hon tt qu trnh phn gii a ch. Chng c lu trong cache trong mt khong thi gian v sau s c xa i. Dynamic Cache c s dng rng ri hn v tt c cc qu trnh din ra t ng v khng cn n s tng tc ca ngi qun tr. Tuy nhin static cache vn c phm vi ng dng nht nh ca n. l trng hp m cc workstation nn c static ARP entry n router v file server nm trong mng. iu ny s hn ch vic gi cc gi tin thc hin qu trnh phn gii a ch.Tuy nhin ngoi hn ch ca vic phi nhp bng tay, static cache cn thm hn ch na l khi a ch IP ca cc thit b trong mng thay i th s dn n vic phi thay i ARP cache. Qu trnh xa thng tin trong cache, ta xt trng hp bng cache ca mt thit b A, trong
Nhom 12
Trang 15
c cha thng tin v thit b B trong mng. Nu cc thng tin trong cache c lu mi mi, s c mt s vn nh sau xy ra : a ch phn cng thit v c thay i : y l trng hp khi thit b B c thay i card mng hay thit b giao tip, lm thay i a ch MAC ca thit b. iu ny lm cho cc thng tin trong cache ca A khng cn ng na cng lm cho thng tin trong cache ca A b sai lch Thit b c rt ra khi mng : Khi B c rt ra khi mng nhng A khng c bit, v gy lng ph v ti nguyn ca A lu thng tin khng cn thit v tn thi gian tm kim. trnh c nhng vn ny, cc thng tin trong dynamic cache s c t ng xa sau mt khong thi gian nht nh. Qu trnh ny c thc hin mt cch hon ton t ng khi s dng ARP vi khong thi gian thng xuyn l 10 hoc 20 pht. Sau mt khong thi gian nht nh c lu trong cache, thng tin s c xa i. Ln s dng sau, thng tin s c update tr li. a ch IP ca thit b c thay i : Ngi qun tr hay nh cung cp thay i a ch IP ca B,
II. Nguyn l s dng ARP tn cng mng: Giao thc ARP l rt cn thit v quan trng trong h thng mng ca chng ta, tuy nhin n li khng cp n vn xc thc no c. Khi mt host nhn c gi tin ARP Reply, n hon ton tin tng v mc nhin s dng thng tin s dng sau ny m khng cn bit thng tin c phi tr li t mt host m mnh mong mun hay khng. ARP khng c c ch no kim tra vic c v trn thc t mt host c th chp nhn gi ARP Reply m trc khng cn phi gi gi tin ARP Request. Li dng iu ny, hacker c th trin khai cc phng thc tn cng nh: Man In The Middle, Denial of Service, MAC Flooding. 1. Nguyn l Man in middle:
Nhom 12
Trang 16
Gi s hacker mun theo di host A gi thng tin g cho host B. u tin, hacker s gi gi ARP Reply n host A vi ni dung l a ch MAC ca hacker v a ch IP ca hostB. Tip theo, hacker s gi gi ARP Reply ti host B vi ni dung l MAC ca my hacker v IP ca host A. Nh vy, c hai host A v host B u tip nhn gi ARP Reply v lu vo trong ARP table ca mnh. n lc ny, khi host A mun gi thng tin n host B, n lin tra vo ARP table thy c sn thng tin v a ch MAC ca host B nn s ly thng tin ra s dng, nhng thc cht a ch MAC l ca hacker. ng thi my tnh ca hacker s m chc nng gi l IP Forwading gip chuyn ti ni dung m host A gi qua host B. Host A v host B giao tip bnh thng v khng c cm gic b qua my trung gian l my ca hacker.Trong trng hp khc, hacker s nghe ln thng tin t my bn n Gateway. Nh vy mi hnh ng ra Internet ca bn u b hacker ghi li ht, dn n vic mt mt cc thng tin nhy cm. 2. Nguyn l Denial of service: Cng vn dng k thut trn, hacker tin hnh tn cng bng cch gi gi ARP Reply n ton b cc host trong mng vi ni dung mang theo l a ch IP ca Gateway v a ch MAC khng h tn ti. Nh vy cc host trong mng tin tng rng mnh bit c MAC ca Gateway v khi gi thng tin n Gateway, kt qu l gi n mt ni hon ton khng tn ti. l iu hacker mong mun, ton b cc host trong mng u khng th i ra Internet c. 3. Nguyn l Mac Flooding:
Cch tn cng ny cng dng k thut ARP Poisoning m i tng nhm n l Switch. Hacker s gi nhng gi ARP Reply gi to vi s lng khng l nhm lm Switch x l khng kp v tr nn qu ti. Khi , Switch s khng sc th hin bn cht Layer2 ca mnh na m broadcast gi tin ra ton b cc port ca mnh. Hacker d dng bt c ton b thng tin trong mng ca bn. III. Cch phng chng tn cng kiu ARP Poisoning : ARP Poisoning l mt kiu tn cng dng local, ngha l hacker thc hin tn cng t bn trong mng ca bn. Hu qu ca cch tn cng ny l rt ln, nhng
Nhom 12
Trang 17
ngi qun tr mng cn nm bt r v k thut tn cng ny. Sau y l mt s k thut gip phng chng tn cng kiu ARP Poisoning. 1. i vi mng nh : Ta c th s dng a ch IP tnh v ARP table tnh, khi , bn s lit k bng tay IP no i vi MAC no. Trong Windows c th s dng cu lnh ipconfig /all xem IP v MAC, dng cu lnh arp -s thm vo ARP table. Khi m p tnh nh vy s ngn chn hacker gi cc gi ARP Reply gi to n my ca mnh v khi s dng ARP table tnh th n lun lun khng thay i. Ch rng cch thc ny ch p dng c trong mi trng mng vi quy m nh, nu mng ln hn l khng th v chng ta phi thm vo ARP table bng tay vi s lng qu nhiu. 2. i vi mng ln: Khi qun tr trong mt mng quy m ln, ta c th s dng chc nng Port security. Khi m chc nng Port security ln cc port ca Switch, ta c th quy nh port ch chp nhn mt a ch MAC. Nh vy s ngn chn vic thay i a ch MAC trn my hacker.Ngoi ra cng c th s dng cc cng c, v d nh ArpWatch. N s pht hin v bo co cho bn cc thng tin lin quan n ARP ang din ra trong mng. Nh , nu c hin tng tn cng bng ARP Poisoning th bn c th gii quyt kp thi.
IV.
V d minh ha v cch truyn ti ARP :
Nhom 12
Trang 18
Tng ng: Tng mng, c th thit lp ng kt ni ng tin cy n my tnh c IP: 192.168.3.2 c khng? Tng chuyn vn: Ti s s dng TCP Tng chuyn vn: TCP ! Hy thit lp mt phin lm vic vi my c IP: 192.168.3.2. TCP: IP hy gi TCP SYN ny n 192.168.3.2.
+ Tng 3 = 192.168.3.1 + Tng 2 = 0800:0222:2222 - IP: Tng 2 hy gi gi tin ny n 192.168.3.2
Nhom 12
Trang 19
GVHD: ng Trung Thanh -Tng 2: ARP, hy to 1 nh x cho 192.168.3.2, - ARP: 192.168.3.2 c trong bng ARP khng ? Khng, tng 2 s t gi tin trong phn c nh cho n khi xong 1 ARP.
Nhom 12
Trang 20
-u tin l mt ARP yu cu.Ti l 192.168.3.1 vi MAC l 0800:0222:2222. Bn c phi l 192.168.3.2 ? -ARP: Tng 2 gi MAC s dng ny nh l SRC MAC v yu cu pht ra nh l DST MAC.
Tng 2: Gi tin c gi
Nhom 12
Trang 21
Tng 2: Ti va nhn c1 khung truyn ti MAC, do vy, ti s x l n. 1 giao thc ID xc nh l n theo ARP. Hy tho phn tiu v gi n ti ARP. Tng 2: ARP! y l nhng thng tin dnh cho bn
Nhom 12
Trang 22
ARP: Ti va nhn1 yu cu ARP t 192.168.3.1 . Hy ti thm IP v MAC ca n vo bng ARP ca ti. By gi c th tr li.
ARP: ARP phn hi s ni ti l 192.168.3.2 vi MAC l 0800:0222:1111 ARP: Tng 2, gi MAC ang s dng nh l 1 SRC MAC v 0800:0222:2222 nh l 1 DST MAC
Nhom 12
Trang 23
Tng 2 : Gi tin c gi Tng 2 xc nhn c 1 khung cha MAC, v s x l n. 1 giao thc ID xc nh rng n theo ARP. Phn u ca tng 2 s b tho ra v gi ti ARP.
Nhom 12
Trang 24
Tng 2: ARP! y l nhng thng tin dnh cho bn.
ARP: Ti ca nhn c gi tin phn hi t 192.168.3.2. Hy ti thm IP v MAC ca n vo bng ARP. ARP: Tng 2! Ti c 192.168.3.2 c nh x n 0900:0222:2222
Tng 2: Ti c th gi i rng 1 gi tin cha x l
Nhom 12
Trang 25
TCP: Ti cn gi 1 SYN ACK ti TCP SYN ci m ti nhn c
TCP: Hy gi thng tin ny
TCP: Ly ACK
Nhom 12
Trang 26
TCP: Ti cn cho phn kt thc khc bit l ti ly SYN ACK hon thnh s thit lp phin
-Tng 4: Thng bo vi tng ng dng l phin lm vic ca bn c thit lp.. - Tng ng dng: c, ti s gi 1 vi gi tin
- Tng ng dng: y l gi tin ca bn
Nhom 12
Trang 27
- TCP:Tng ng dng! y l gi tin ca bn
Ti cn gi ACK n gi tin m bn nhn c
-c, ti s gi 1 vi gi tin n 192.168.3.2 - N xc nhn a ch khng c trong bng ARP khng th s dng n trn 1 mng khc. - Theo , c th d liu c gi n 1 cng ni mc nh v n tip theo .
Nhom 12
Trang 28
TCP: Ly ACK
Bao cao Mang va truyn thng V. Kt lun: 1. u im:
Giao thc ARP l rt cn thit v quan trng trong h thng mng ca chng ta. Ban u ARP ch c s dng trong mng Ethernet phn gii a ch IP v a ch MAC. Nhng ngy nay ARP c ng dng rng ri v dng trong cc cng ngh khc da trn lp hai. 2. Nhc im: Khi mt host nhn c gi tin ARP Reply, n hon ton tin tng v mc nhin s dng thng tin s dng sau ny m khng cn bit thng tin c phi tr li t mt host m mnh mong mun hay khng. ARP khng c c ch no kim tra vic c v trn thc t mt host c th chp nhn gi ARP Reply m trc khng cn phi gi gi tin ARP Request. Li dng iu ny, hacker c th trin khai cc phng thc tn cng nh: Man In The Middle, Denial of Service, MAC Flooding.
Nhom 12
Trang 29

Giao TH C ARP

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Giao TH C ARP

Uploaded by

Copyright:

Available Formats

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

GVHD: ng Trung Thanh

Tng quan v giao thc phn gii a ch:

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Cc loi bn tin ARP

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

ARP: Address Resolution Protocol

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

C ch RARP: C ch phn gii a ch MAC tm a ch IP

Bao cao Mang va truyn thng ARP table in host

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

C ch hot ng ca ARP table

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Kim tra v so snh a ch IP

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Cp nht a ch MAC vo ARP table

Bao cao Mang va truyn thng ARP: Local Destination

GVHD: ng Trung Thanh

Nguyn tc lm vic ca ARP trn mng Lan

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

V d minh ha v cch truyn ti ARP :

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

+ Tng 3 = 192.168.3.1 + Tng 2 = 0800:0222:2222 - IP: Tng 2 hy gi gi tin ny n 192.168.3.2

Bao cao Mang va truyn thng

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

Tng 2: ARP! y l nhng thng tin dnh cho bn.

Tng 2: Ti c th gi i rng 1 gi tin cha x l

Bao cao Mang va truyn thng

GVHD: ng Trung Thanh

TCP: Ti cn gi 1 SYN ACK ti TCP SYN ci m ti nhn c

TCP: Hy gi thng tin ny