![](/user_photo/2706_HbeT2.jpg)
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK11x1.jpg)
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK12x1.jpg)
IP-MAC-Port Binding
( IP-MAC-
)
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK13x1.jpg)
|
|
IP-MAC-Port Binding |
||
|
o |
|
|
|
IP-MAC- |
(IP-MAC-Port Binding) |
|
||
IP-MAC-Port Binding |
D-Link |
|
||
|
|
IP |
MAC- |
, |
. |
- |
|
|
, |
|
|
MAC- |
|
- . |
|
|
ETTH/ ETTB |
|
|
|
|
IP-MAC-Port |
|
|
|
|
Binding |
|
|
|
|
|
4 |
|
|
|
3 |
|
IP-MAC- |
|
|
|
|
|
|
|
2 |
|
– MAC- |
|
|
|
|
|
|
1 |
|
|
!! |
|
|
|
|
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK14x1.jpg)
IP-MAC-Port binding?
•D-Link IP-MAC binding
IP-MAC-Port binding
.
•IP-MAC-Port binding : ARP (
), ACL
DHCP Snooping.
:
ARP |
ACL |
ACL
ACL,
hacker/sniffer
MAC
ACL
•IP-MAC-Port Binding L2
xStack – DES3000 (
ARP Mode), DES-3028/3052 (ARP Mode
DHCP Snooping) DES3500 (R4 – ARP, ACL Mode
DHCP Snooping), L3 - DES-3800 (R3 – ARP, ACL Mode
DHCP Snooping), DGS-3600
DGS-3400.
• IP-MAC-Port binding,
,
ARP Poison Routing.
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK15x1.jpg)
1: |
|
A B |
, |
A (sniffer) |
|
|
ARP |
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
??? |
IP C |
|
|
|
|
|||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SA B |
IP B |
|
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK16x1.jpg)
2:
C
IP/MAC.
C
ARP-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
DA B |
IP B |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SA C |
IP C |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK17x1.jpg)
3:
A
TCP
C
C
SYN
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
DA C |
IP C |
||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SA A |
IP A |
||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK18x1.jpg)
4: . .
A
, DES-3526
,
,
C
SYN
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
DA C |
IP C |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SA A |
IP A |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK19x1.jpg)
2.
ACL
ARP
Man-in-the-Middle
1: Sniffer C (Man in the middle)
ARP-Reply
A
B
|
|
|
|
|
A |
|
|
|
|
|
B |
|
|
|
|
|
|
|
|
|
|
||
|
|
|
|
|
|
||||||
|
|
|
|
|
|
|
|
|
|
||
|
|
|
|
|
|
|
|
|
|
|
|
DA A |
IP A |
|
|
SA C |
IP B |
|
|
DA B |
IP B |
|
|
SA C |
IP A |
|
|
ARP-
![](/html/2706/595/html_d7sAPww4jA.oTql/htmlconvd-1LaZMK20x1.jpg)
2:
A
TCP
B
A |
B |
|
SYN |
DA C |
IP B |
|
|
|
|
SA A |
IP A |
|
|
|
SYN
C (
IP-MAC-Port binding)