摘要
文章探讨了局域网环境下,网络的脆弱性及安全防护方法和技术。涉及网络管理员监控局域网的方法,MAC地址表的形成过程及交换机的工作原理、交换机端口的port-security属性,攻击者利用MAC地址表的脆弱实施MAC地址泛洪攻击的原理、后果及防御方法;进一步探讨了局域网中常见的服务的脆弱性,DHCP服务的工作原理及针对DHCP服务的攻击后果,探讨了采用DHCP Snooping技术进行防御的方法;阐述了网络安全防护的重要性,提出了加强网络安全的方法和实施技术。
This paper discusses the vulnerability of the network and the methods and technologies of security protection in the LAN environment.It involves the method of network administrator monitoring LAN,the information process of MAC address table and the working principle of switch,the port-security attribute of switch port,and the principle,consequences and defense method of MAC address flooding attack by using the vulnerability of MAC address table.It is also further discusses the vulnerability of common services in LAN,the working principle of DHCP service and the attack consequences of DHCP service,and discusses the defense method using DHCP snooping technology.This paper expounds the importance of network security protection,and puts forward the methods and implementation technology of strengthening network security.
作者
劳翠金
秦燊
Lao Cuijin;Qin Shen(Information Engineering Department,Liuzhou City Vocational College,Liuzhou 545000,China)
出处
《无线互联科技》
2022年第20期106-108,共3页
Wireless Internet Technology
基金
柳州城市职业学院2021年度科研立项课题,项目名称:基于虚拟化技术的网络组建及网络安全研究,项目编号:2021KYB04。
