DHCP安全问题及其防范措施
摘要
本文主要介绍计算机网络当中一个比较常见的安全问题—DHCP的安全问题。
DHCP称作动态主机分配协议(Dynamic Host Configuration Protocol, DHCP)是一个局域网的网络协议,使用UDP协议工作,主要有两个用途:给内部网络或网络服务供应商自动分配IP地址给用户给内部网络管理员作为对所有计算机作中央管理的手段。
DHCP用一台或一组DHCP服务器来管理网络参数的分配,这种方案具有容错性。即使在一个仅拥有少量机器的网络中,DHCP仍然是有用的,因为一台机器可以几乎不造成任何影响地被增加到本地网络中。甚至对于那些很少改变地址的服务器来说,DHCP仍然被建议用来设置它们的地址。如果服务器需要被重新分配地址(RFC2071)的时候,就可以在尽可能少的地方去做这些改动。对于一些设备,如路由器和防火墙,则不应使用DHCP。把TFTP或SSH服务器放在同一台运行DHCP的机器上也是有用的,目的是为了集中管理。
tcp ip协议的安全隐患DHCP也可用于直接为服务器和桌面计算机分配地址,并且通过一个PPP代理,也可为拨号及
宽带主机,以及住宅NAT网关和路由器分配地址。DHCP一般不适用于使用在无边际路由器和DNS服务器上
DHCP安全问题在网络安全方面是一个不可忽略的问题,这种问题内部网络及网络服务提供商在分配IP地址造成的IP冲突、伪造DHCP服务器等攻击。本文介绍了如何防范和解决此类问题的方法和步骤。
关键字:计算机、DHCP、安全问题、攻击
DHCP safety and safeguards
ABSTRACT
This paper mainly introduces the computer network of a common security problems and DHCP safety problems.
DHCP dynamic distribution agreement called the mainframe (Dynamic host configuration protocol and DHCP ) is a LAN network protocols, the use of UDP agreement, there are tw
o major purpose : to the internal network or network service provider the IP address assigned to the user to the internal network administrator in all computer on the central administration.
DHCP with one or a set of DHCP server to manage the distribution network parameters, the scheme has a fault tolerance. Even in a small amount of the machine has a network, and DHCP is still useful, for a machine can hardly have any influence, have been added to the local network. Even for those who rarely change the address of the server and DHCP still being proposed to set the address. If the server needs to be reassigned address ( rfc2071 ), it can be as few as possible to do these changes. For some equipment, such as the router and should not be used DHCP. The TFTP server or SSH in with a DHCP machine is also useful in order to administer.
DHCP may also directly to the server and desktop computers, and the assignment of addresses by a PPP agent or a dialing, and broadband host, and the house assignment of addresses NAT gateway and routers generally do not apply. DHCP use in the DNS server marginal routers.
DHCP security issues in the network security is not to neglect the issue of the internal network and the network service provider in the allocation of IP address of the conflict and DHCP server IP, forgery attack. This article explains how to prevent and resolve the problem of methods and procedures.
Keyword: Computer、DHCP、SafetyAttack

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。