J4 ›› 2010, Vol. 32 ›› Issue (12): 15-18.doi: 10.3969/j.issn.1007130X.2010.
• 论文 • Previous Articles Next Articles
CHEN Xinnan1,Hu Huaping1,2,YUE Hong2
Received:
Revised:
Online:
Published:
Abstract:
In the switchbased LAN environment,the means of defending the ARP spoofing is maturing,leading to the sniffer based on the ARP spoofing is vulnerable to being intercepted and killed by security software,so it lacks sniffing effect. In this paper,one nonARP spoofing,which is called MAC spoofing,is proposed,and a LAN sniffer prototype based on the MAC spoofing is also designed and implemented. Compared with the traditional ARP spoofing,the MAC spoofing can bypass a variety of ARP spoofing defense tools and succeed to intercept the network data,as well as carrying on the Denial of Service attacks. Through the use of a timealternate mechanism,a filtering mechanism and other key technologies,the efficiency and accuracy of the sniffer can be highly improved. The testing result shows that the sniffer may be better to break through the interception and killing of security software,and achieve the effect of sniffing.
Key words: ARP spoofing;MAC spoofing;switch environment;LAN;sniffer
CHEN Xinnan1,Hu Huaping1,2,YUE Hong2. Design and Implementation of the Sniffer Prototype Based on the MAC Spoofing[J]. J4, 2010, 32(12): 15-18.
0 / / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://joces.nudt.edu.cn/EN/10.3969/j.issn.1007130X.2010.
http://joces.nudt.edu.cn/EN/Y2010/V32/I12/15
