Алгоритмы защиты ARP

Algorithm 1 update arp cache

1: if DHCP packet is received then

2:   if message type is DHCPACK then

3:       IP ← ‘your IP address’ field value

4:       if IP != server’s IP then

5:          MAC ← ‘client’s hardware address’ field value

6:          Add (IP, MAC) to server’s ARP cache

7:          Add (IP, MAC) to backup file

8:       end if

9:    else if message type is DHCPRELEASE then

10:      IP ← ‘your IP address’ field value

11:      if IP != server’s IP then

12:         Remove (IP, ?) from server’s ARP cache

13:         Remove (IP, ?) from backup file

14:      end if

15:   else if message type is DHCPDECLINE then

16:      IP ← ‘requested IP address’ options field value

17:      if IP != server’s IP then

18:         Remove (IP, ?) from server’s ARP cache

19:         Remove (IP, ?) from backup file

20:      end if

21:   else

22:      NOOP

23:   end if



24:end if


Algorithm 2 send arp reply

1: if ARP message is received then

2:    if operation field = REQUEST then

3:       TPA ← Target Protocol Address field value

4:       Create an ARP REPLY message

5:       Sender Protocol Address field ← TPA

6:       if TPA = server’s IP address then

7:          SHA ← server’s MAC address

8:       else

9:          Find (TPA, MAC) mapping in ARP cache

10:         if (TPA, MAC) does not exist then

11:            return //No response is sent

12:         end if

13:         SHA ← MAC address in (TPA, MAC)

14:      end if

15:      Sender Hardware Address field ← SHA

16:      Send ARP response to requesting host

17:   end if

18:end if

—————————————————————–
Дальнейшее – за гуру скриптинга. Скрипткидди, проходьте мимо!

 

Алгоритмы защиты ARP