WO2012003742A1 - Procédé, appareil et système pour empêcher un utilisateur de modifier personnellement une adresse ip - Google Patents

Procédé, appareil et système pour empêcher un utilisateur de modifier personnellement une adresse ip Download PDF

Info

Publication number
WO2012003742A1
WO2012003742A1 PCT/CN2011/073865 CN2011073865W WO2012003742A1 WO 2012003742 A1 WO2012003742 A1 WO 2012003742A1 CN 2011073865 W CN2011073865 W CN 2011073865W WO 2012003742 A1 WO2012003742 A1 WO 2012003742A1
Authority
WO
WIPO (PCT)
Prior art keywords
address
initial
user
accessed user
server
Prior art date
Application number
PCT/CN2011/073865
Other languages
English (en)
Chinese (zh)
Inventor
曾红李
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012003742A1 publication Critical patent/WO2012003742A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security

Definitions

  • the present invention relates to data communication technologies, and in particular, to a method, apparatus and system for preventing a user from modifying an IP address privately. Background technique
  • the 802.lx protocol is based on client/server (Client/Server) access control and authentication protocols. It can restrict unauthorized users/devices from accessing the LAN (Local Area Network) / Wireless Local Area Network (WLAN) through the access port (AP, Access Port).
  • 802.1x authenticates the user/device connected to the switch port. Before the authentication is passed, 802.1x only allows the EAPoL (Extensible Authentication Protocol over LAN) data to pass through the switch port connected to the device; After the authentication is passed, normal data can pass through the Ethernet port smoothly.
  • EAPoL Extensible Authentication Protocol over LAN
  • the 802.lx protocol is a Layer 2 protocol.
  • the IP address of the user is not carried in the protocol. Therefore, the IP address of the 802. lx user cannot be known on the authentication system. Therefore, if the user modifies the IP address privately on the authentication client, the authentication system cannot know it, which will cause the accounting server to still charge with the original IP address.
  • the traditional solution is as follows:
  • the authentication client encapsulates the IP address in a private attribute and sends the IP address to the authentication system through the EAPOL-Key packet.
  • This method is relatively simple. However, since the authentication client and the authentication system are encapsulated by private attributes, the client and the authentication system must agree on the value of the private attribute in advance, which causes the authentication client and the authentication system of different manufacturers to be incompatible. Therefore, this method has not been widely used.
  • IP SOURCE GUARD IP SOURCE GUARD
  • IP SOURCE GUARD source IP spoofing.
  • these technical solutions can prevent users who modify IP addresses from accessing the Internet through traffic control, they cannot force users to go offline. Users cannot get network services, but the accounting server is still counting. Fees are unfair to users. Accordingly, it would be desirable to provide an improved method and apparatus for preventing a user from modifying an IP address privately to overcome the above-discussed deficiencies. Summary of the invention
  • the technical problem to be solved by the present invention is to provide a method, device, and system for preventing a user from modifying an IP address by using a privately modified IP address to prevent an 802. lx user from modifying the IP address privately, and At the same time, the fairness of billing is guaranteed.
  • the present invention provides a method for preventing a user from modifying an IP address privately, including:
  • the authentication system obtains an initial IP address assigned by the dynamic host configuration protocol (DHCP) server to the accessed user, and associates the initial IP address with the media access control of the accessed user (MAC, Media Access) Control ) address corresponding to save;
  • DHCP dynamic host configuration protocol
  • ARP address resolution protocol
  • the method further comprises: configuring a dynamic host configuration protocol listening (DHCP snooping) program on the authentication system, and intercepting, by the DHCP snooping program, an initial IP address assigned by the DHCP server to the accessed user, and The initial IP address is saved corresponding to the MAC address of the accessed user.
  • DHCP snooping dynamic host configuration protocol listening
  • the method includes: searching, according to the correspondence between the initial IP address and the MAC address of the accessed user saved in the authentication system The initial IP address of the accessed user; comparing whether the current IP address of the accessed user is the same as the found initial IP address.
  • the method further includes: initiating an accounting request to the charging server, and carrying the initial IP address of the accessed user to implement IP-based Billing for the address.
  • the method further includes notifying the charging server to stop charging.
  • the present invention also provides an apparatus for preventing a user from modifying an IP address privately, the apparatus comprising: an initial IP address obtaining unit, an ARP request analyzing unit, and an executing unit;
  • the initial IP address obtaining unit is configured to obtain an initial IP address allocated by the dynamic host configuration protocol server to the accessed user, and save the initial IP address corresponding to the MAC address of the accessed user;
  • the ARP request analysis unit is configured to receive an ARP request sent by an accessed user, and obtain a current IP address and a MAC address of the accessed user according to the ARP request, where the execution unit is configured to determine Whether the correspondence between the current IP address and the MAC address of the accessed user obtained by the ARP request analysis unit is the same as the correspondence between the initial IP address and the MAC address saved by the initial IP address obtaining unit, and if the determination is different, the The connected user has gone offline.
  • the initial IP address obtaining unit includes: a DHCP snooping subunit and a storage subunit;
  • the DHCP snooping sub-unit is configured to intercept an initial IP address allocated by the DPCH server to the accessed user;
  • the storage subunit is configured to save the location obtained by the DHCP snooping subunit The initial IP address and MAC address of the accessed user.
  • the execution unit further includes: an IP address lookup subunit, a comparison subunit, and a control subunit; wherein
  • the IP address lookup subunit is configured to find an initial IP address of the accessed user according to the correspondence between the initial IP address and the MAC address of the accessed user saved by the initial IP address obtaining unit;
  • the comparing subunit is configured to compare whether the initial IP address found by the IP address lookup subunit is the same as the current IP address obtained by the ARP request analyzing unit;
  • the control subunit is configured to force the accessed user to go offline when the comparison result of the comparing subunits is different.
  • the apparatus further comprises an authentication unit for completing the access of the user.
  • the device further includes: a charging requesting unit, configured to: after the initial IP address obtaining unit acquires an initial IP address assigned by the DHCP server to the accessed user, initiate a charging request to the charging server, and carry the The initial IP address of the accessed user is described to implement IP address based charging.
  • a charging requesting unit configured to: after the initial IP address obtaining unit acquires an initial IP address assigned by the DHCP server to the accessed user, initiate a charging request to the charging server, and carry the The initial IP address of the accessed user is described to implement IP address based charging.
  • the apparatus further includes a stop charging unit, configured to notify the charging server to stop charging after the accessed user is forced to go offline.
  • a stop charging unit configured to notify the charging server to stop charging after the accessed user is forced to go offline.
  • the present invention also provides a system for preventing a user from modifying an IP address.
  • the system includes: an authentication server, a DHCP server, and a device for preventing a user from modifying an IP address privately; wherein the authentication server is configured to complete user access. ;
  • the DHCP server is configured to allocate an initial IP address to the accessed user.
  • the system further comprises an accounting server for performing charging based on an initial IP address of the accessed user sent by the authentication server.
  • the charging server is further configured to stop charging after the accessed user is forced to go offline.
  • the means for preventing a user from modifying the IP address privately is the same entity as the authentication server.
  • the method, device and system for preventing a user from modifying an IP address by analyzing the ARP request sent by the user after modifying the IP address, obtaining the current IP address and MAC address of the user, and the current IP address and the MAC and the DHCP server The initial IP address assigned to it is compared with the corresponding relationship of the MAC address. If it is different, the user is forced to go offline, thereby preventing the 802.1x user from modifying the IP address privately. Since the user is forced to go offline, the accounting server stops charging, so the user is prevented from modifying the IP address privately, and the fairness of the charging is ensured.
  • FIG. 1 is a flowchart of a first embodiment of a method for preventing a user from modifying an IP address privately
  • FIG. 2 is a flowchart of a second embodiment of a method for preventing a user from modifying an IP address privately
  • FIG. 4 is a schematic structural view of an embodiment of an apparatus for preventing a user from modifying an IP address privately;
  • FIG. 5 is a schematic structural diagram of another embodiment of an apparatus for preventing a user from modifying an IP address privately. detailed description
  • the present invention provides a method, device, and system for preventing a user from modifying an IP address privately, and can prevent the 802.1 X user from modifying the IP address privately by forcibly modifying the user of the IP address to go offline.
  • FIG. 1 is a flowchart of a first embodiment of a method for preventing a user from modifying an IP address privately.
  • the method for preventing a user from modifying an IP address privately includes the following steps:
  • Step S101 The authentication system acquires an initial IP address assigned by the DHCP server to the accessed user, and saves the initial IP address corresponding to the MAC address of the accessed user.
  • the step can be implemented by configuring a DHCP snooping program on the authentication system.
  • the authentication system can automatically intercept the binding relationship between the initial IP address and the MAC of the DHCP server.
  • Step S102 The authentication system receives the ARP request sent by the accessed user, and obtains the current IP address and MAC address of the accessed user according to the APR request. Specifically, after the user privately modifies the IP address, the user will automatically send a free ARP request to check whether there is an address conflict. After receiving the ARP request, the authentication system analyzes the content of the packet to obtain the current IP address and MAC address after the user modifies the IP address.
  • Step S103 determining whether the correspondence between the current IP address and the MAC address of the accessed user is the same as the correspondence between the initial IP address and the MAC address saved in the authentication system, and if not, forcing the received Enter the user offline. Specifically, forcing the accessed user to go offline includes notifying the charging server to stop charging.
  • determining whether the correspondence between the current IP address and the MAC address of the accessed user and the initial IP address and the MAC address stored in the authentication system are the same includes: according to the saved in the authentication system.
  • the correspondence between the initial IP address and the MAC address of the accessed user finds the initial IP address of the user; and compares whether the current IP address of the accessed user is the same as the found initial IP address. Because the method for preventing the user from modifying the IP address by itself is analyzed, the current IP address and MAC address of the user are obtained by analyzing the ARP request sent by the user after modifying the IP address, and the current IP address and MAC address are assigned to the user by the DHCP server. The initial IP address is compared with the MAC address.
  • mapping is different, the user is forced to go offline. This prevents the 802.1x user from modifying the IP address privately. Since the user is forced to go offline, the accounting server stops charging. Therefore, the user is prevented from modifying the IP address privately, and the fairness of the charging is ensured.
  • FIG. 2 is a flowchart of a second embodiment of a method for preventing a user from modifying an IP address privately. As shown in FIG. 2, the method for preventing a user from modifying an IP address by using a second embodiment includes the following steps:
  • Step S201 Configure a DHCP snooping program on the authentication system.
  • Step S202 The authentication system authenticates the user who initiated the authentication request: if the authentication is passed, the process proceeds to step S203; if the authentication fails, the process proceeds to step S204.
  • Step S203 The user client automatically sends a DHCP application IP address.
  • Step S204 The user goes offline.
  • Step S205 The authentication system intercepts the DHCP file through the DHCP snooping program, and obtains
  • the initial IP address assigned to the user by the DHCP server is the initial IP address assigned to the user by the DHCP server.
  • Step S206 The authentication system initiates an accounting request to the accounting server, and carries the initial IP address of the accessed user to implement IP address-based charging.
  • Step S207 After the user privately modifies the IP address, the user initiates a free ARP request.
  • Step S208 The authentication system receives the ARP request, analyzes the content of the packet, and obtains the current IP address and MAC address of the user.
  • Step S209 It is determined whether the correspondence between the current IP address and the MAC address of the accessed user is the same as the initial IP address and the MAC address stored in the authentication system. If they are the same, step S211 is performed; Then, step S210 is performed. Specifically, the step is implemented as follows: First, according to the initial IP of the accessed user saved in the authentication system The correspondence between the address and the MAC address finds the initial IP address of the user; and then compares whether the current IP address of the accessed user is the same as the found initial IP address.
  • Step S210 The user goes offline and notifies the charging server to stop charging. Specifically, it can be implemented by sending a charging stop message to the accounting server.
  • the method for preventing a user from modifying an IP address in this embodiment, by analyzing an ARP request sent by a user after modifying an IP address, obtaining a current IP address and a MAC address of the user, and assigning the current IP address and the MAC address to the initial of the DHCP server to the user If the mapping between the IP address and the MAC address is different, the user is forced to go offline, which prevents the 802.1x user from modifying the IP address privately. Since the user is forced to go offline, the accounting server stops charging. Therefore, the user is prevented from modifying the IP address privately, and the fairness of the charging is ensured.
  • Figure 3 is a block diagram showing an embodiment of a system for preventing a user from privately tampering with an IP address.
  • the system for preventing a user from modifying an IP address privately includes: a DHCP server 31, an authentication server 32, and a device for preventing a user from modifying an IP address privately.
  • the device for preventing the user from modifying the IP address and the authentication server 32 are the same entity, that is, the device for preventing the user from modifying the IP address is configured on the authentication server 32, but The device for preventing the user from modifying the IP address privately may also be an entity independent of the authentication server 32.
  • the authentication server 32 is configured to complete access by the user 34.
  • the DHCP server 31 is configured to allocate an initial IP address to the user 34.
  • the system for preventing the user from modifying the IP address by itself may further include an accounting server 33 for performing charging based on the initial IP address of the accessed user sent by the authentication server 32.
  • the charging server 33 may be further configured to stop charging after the authentication server 32 forces the accessed user to go offline.
  • the system for preventing the user from modifying the IP address privately obtains the current IP address and MAC address of the user who privately modifies the IP address through the ARP request, and assigns the current IP address and the MAC address to the initial IP address of the DHCP server.
  • the correspondence between the MAC addresses is compared. If they are different, the connected users are forced to go offline, so as to prevent the 802.1x users from modifying the IP address privately. Since the user is forced to go offline, the accounting server stops charging. Therefore, the user is prevented from modifying the IP address privately, and the fairness of the charging is ensured.
  • Figure 4 is a block diagram showing the structure of an embodiment of an apparatus for preventing a user from modifying an IP address privately.
  • the apparatus 4 for preventing a user from modifying an IP address in this embodiment includes: an initial IP address obtaining unit 41, an ARP request analyzing unit 43, and an executing unit 42; wherein the initial IP address obtaining unit 41, And configured to obtain an initial IP address allocated by the dynamic host configuration protocol server to the accessed user, and save the initial IP address corresponding to the MAC address of the accessed user;
  • the ARP request analyzing unit 43 is configured to receive an ARP request sent by the accessed user, and obtain a current IP address and a MAC address of the accessed user according to the ARP request, where the executing unit 42 is configured to: Determining whether the correspondence between the current IP address and the MAC address of the accessed user obtained by the ARP request analysis unit 43 is the same as the initial IP address and the MAC address stored by the initial IP address obtaining unit 41, if different, The access user is forced to go offline.
  • the initial IP address 41 obtaining unit includes: a DHCP snooping subunit 411 and a storage subunit 412;
  • the DHCP snooping subunit 411 is configured to intercept a DHCP server and assign it to the connected Enter the user's initial IP address;
  • the storage subunit 412 is configured to correspondingly save an initial IP address and a MAC address of the accessed user obtained by the DHCP snooping subunit 411.
  • the execution unit 42 includes: an IP address lookup subunit 421, a comparison subunit 422, and a control subunit 423;
  • the IP address lookup subunit 421 is configured to find the initial IP address of the user according to the correspondence between the initial IP address and the MAC address of the accessed user saved by the initial IP address obtaining unit 41.
  • the comparison sub-unit 422 is configured to compare whether the initial IP address found by the IP address lookup sub-unit 421 is the same as the current IP address obtained by the ARP request analysis unit 43; forcing the accessed user to go offline. Since the user is forced to go offline, the accounting server stops charging. Therefore, the user is prevented from modifying the IP address privately, and the fairness of the charging is ensured.
  • FIG. 5 is a block diagram showing another embodiment of an apparatus for preventing a user from modifying an IP address privately.
  • the apparatus for preventing a user from modifying an IP address privately includes: an initial IP address obtaining unit 51, an ARP request analyzing unit 53, an executing unit 52, an authenticating unit 54, and a charging requesting unit 55;
  • the initial IP address obtaining unit 51 is configured to acquire, by the DHCP server, the ARP request analyzing unit 53 for receiving the ARP request sent by the accessed user, and obtain the ARP request according to the ARP request.
  • the current IP address and the MAC address of the accessed user are used to determine the correspondence between the current IP address and the MAC address of the accessed user obtained by the ARP request analyzing unit 53 and the initial IP address. Whether the correspondence between the initial IP address and the MAC address saved by the obtaining unit 51 is the same. If the information is different, the access user is forced to go offline and the accounting server is notified to stop charging.
  • the authentication unit 54 is configured to complete access by a user.
  • the charging requesting unit 55 is configured to: after the initial IP address obtaining unit 51 acquires an initial IP address assigned by the DHCP server to the accessed user, initiate an accounting request to the charging server, and carry the accessed The user's initial IP address to implement IP address-based charging.
  • the correspondence between the MAC addresses is compared. If they are different, the connected users are forced to go offline, so as to prevent the 802.1x users from modifying the IP address privately. Since the user is forced to go offline, the accounting server stops charging, so that the user is allowed to modify the IP address privately, and the fairness of the charging is ensured.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

L'invention concerne un procédé pour empêcher un utilisateur de modifier personnellement une adresse de protocole Internet (IP). Le procédé comprend les étapes suivantes : obtention, par un système d'authentification, d'une adresse IP initiale qui est attribuée à un utilisateur en cours d'accès par un serveur à protocole de configuration de serveur dynamique (DHCP) et enregistrement de l'adresse IP en correspondance avec l'adresse de commande d'accès au support (MAC) de l'utilisateur (S101) ; réception d'une demande de protocole de résolution d'adresse (ARP) envoyée par l'utilisateur en cours d'accès et obtention, en se basant sur la demande d'ARP, d'une adresse IP courante et de l'adresse MAC de l'utilisateur en cours d'accès (S102) ; détermination du fait que la relation correspondante entre l'adresse IP courante et l'adresse MAC de l'utilisateur en cours d'accès est identique à la relation correspondante entre l'adresse IP initiale et l'adresse MAC enregistrées dans le système d'authentification et, à défaut, forçage de la déconnexion de l'utilisateur en cours d'accès (S103). L'invention concerne également un appareil et un système pour empêcher un utilisateur de modifier personnellement une adresse IP. Le procédé, l'appareil et le système pour empêcher l'utilisateur de modifier personnellement une adresse IP selon l'invention permettent de réaliser l'objectif d'empêcher l'utilisateur du 802.1x de modifier personnellement l'adresse IP en forçant la déconnexion de l'utilisateur qui modifie personnellement l'adresse IP.
PCT/CN2011/073865 2010-07-06 2011-05-10 Procédé, appareil et système pour empêcher un utilisateur de modifier personnellement une adresse ip WO2012003742A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010220088.XA CN101895587B (zh) 2010-07-06 2010-07-06 防止用户私自修改ip地址的方法、装置和系统
CN201010220088.X 2010-07-06

Publications (1)

Publication Number Publication Date
WO2012003742A1 true WO2012003742A1 (fr) 2012-01-12

Family

ID=43104652

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/073865 WO2012003742A1 (fr) 2010-07-06 2011-05-10 Procédé, appareil et système pour empêcher un utilisateur de modifier personnellement une adresse ip

Country Status (2)

Country Link
CN (1) CN101895587B (fr)
WO (1) WO2012003742A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103095722A (zh) * 2013-02-01 2013-05-08 华为技术有限公司 一种更新网络安全表的方法及网络设备、dhcp服务器
CN116846687A (zh) * 2023-08-30 2023-10-03 北京格尔国信科技有限公司 一种网络安全监测方法、系统、装置及存储介质

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101895587B (zh) * 2010-07-06 2015-09-16 中兴通讯股份有限公司 防止用户私自修改ip地址的方法、装置和系统
CN102158866B (zh) 2011-02-01 2014-02-26 杭州华三通信技术有限公司 应用于wlan中的验证方法和装置
CN102316034B (zh) * 2011-09-06 2017-05-10 中兴通讯股份有限公司 局域网内防止手动指定ip地址的方法及装置
CN106211163B (zh) * 2016-07-29 2019-08-16 Oppo广东移动通信有限公司 安全联网的方法和装置
CN109274784A (zh) * 2018-11-13 2019-01-25 郑州云海信息技术有限公司 基于openstack的IP和MAC地址绑定方法、装置、终端及存储介质
CN112187740B (zh) * 2020-09-14 2022-09-16 锐捷网络股份有限公司 一种网络接入控制方法、装置、电子设备及存储介质
CN112929460A (zh) * 2021-01-20 2021-06-08 苏州长风航空电子有限公司 一种基于Linux系统的IP地址配置方法及配置装置
CN113556337A (zh) * 2021-07-20 2021-10-26 迈普通信技术股份有限公司 终端地址识别方法、网络系统、电子设备及存储介质
CN115834525B (zh) * 2022-11-18 2024-05-28 湖北天融信网络安全技术有限公司 基于arp控制的终端准入方法、装置、电子设备及存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1450756A (zh) * 2002-04-08 2003-10-22 华为技术有限公司 一种接入设备实时探测以太网接入计算机在线状态的方法
CN1933419A (zh) * 2005-09-15 2007-03-21 英业达股份有限公司 Ip地址更新系统以及方法
CN101641933A (zh) * 2006-12-22 2010-02-03 艾利森电话股份有限公司 电子欺骗的防止
CN101895587A (zh) * 2010-07-06 2010-11-24 中兴通讯股份有限公司 防止用户私自修改ip地址的方法、装置和系统

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1233135C (zh) * 2002-06-22 2005-12-21 华为技术有限公司 一种动态地址分配中防止ip地址欺骗的方法
KR100533785B1 (ko) * 2003-06-19 2005-12-06 주식회사 인티게이트 Dhcp 패킷을 이용한 동적 ip 주소할당 환경에서의arp/ip 스푸핑 자동 방지 방법
JP2006094417A (ja) * 2004-09-27 2006-04-06 Nec Corp 加入者回線収容装置およびパケットフィルタリング方法
TW200711437A (en) * 2005-09-02 2007-03-16 Digital United Inc Network certification system and method
CN200973108Y (zh) * 2006-06-29 2007-11-07 中兴通讯股份有限公司 实现安全访问的接入设备
CN101188510A (zh) * 2006-11-16 2008-05-28 华为技术有限公司 地址集中控制的方法、设备及系统
CN101370019B (zh) * 2008-09-26 2011-06-22 北京星网锐捷网络技术有限公司 防止地址解析协议报文欺骗攻击的方法及交换机

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1450756A (zh) * 2002-04-08 2003-10-22 华为技术有限公司 一种接入设备实时探测以太网接入计算机在线状态的方法
CN1933419A (zh) * 2005-09-15 2007-03-21 英业达股份有限公司 Ip地址更新系统以及方法
CN101641933A (zh) * 2006-12-22 2010-02-03 艾利森电话股份有限公司 电子欺骗的防止
CN101895587A (zh) * 2010-07-06 2010-11-24 中兴通讯股份有限公司 防止用户私自修改ip地址的方法、装置和系统

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103095722A (zh) * 2013-02-01 2013-05-08 华为技术有限公司 一种更新网络安全表的方法及网络设备、dhcp服务器
CN116846687A (zh) * 2023-08-30 2023-10-03 北京格尔国信科技有限公司 一种网络安全监测方法、系统、装置及存储介质
CN116846687B (zh) * 2023-08-30 2023-11-21 北京格尔国信科技有限公司 一种网络安全监测方法、系统、装置及存储介质

Also Published As

Publication number Publication date
CN101895587B (zh) 2015-09-16
CN101895587A (zh) 2010-11-24

Similar Documents

Publication Publication Date Title
WO2012003742A1 (fr) Procédé, appareil et système pour empêcher un utilisateur de modifier personnellement une adresse ip
US10142159B2 (en) IP address allocation
WO2015101125A1 (fr) Procédé et dispositif de contrôle d'accès au réseau
WO2013163944A1 (fr) Procédé de partage de comptes d'informatique en nuage pour services iaas, plateforme de partage et dispositif de réseau
US20140282920A1 (en) Dynamically selecting a dhcp server for a client terminal
WO2006088585A2 (fr) Systeme et procede de reduction du temps de transfert de session d'un reseau cellulaire a un reseau wi-fi
WO2010003354A1 (fr) Serveur d'authentification et procédé de commande pour l'accès d'un terminal de communication mobile à un réseau privé virtuel
WO2017215492A1 (fr) Procédé et appareil de détection de dispositif
WO2012034413A1 (fr) Procédé de gestion d'utilisateur de double pile et serveur d'accès à large bande
WO2017219748A1 (fr) Procédé et dispositif permettant une détermination d'autorisation d'accès et un accès à une page
EP2928141A1 (fr) Procédé, dispositif et système de dépistage d'adresses ipv6
CN112583910B (zh) 物联网平台的设备接入方法、装置及电子设备和存储介质
WO2012089039A1 (fr) Procédé et dispositif pour fournir des informations d'utilisateur à un appareil de traduction d'adresse réseau à grande échelle (cgn)
WO2015196755A1 (fr) Procédé d'attribution d'adresses dans un réseau de séparation de localisateurs et d'identifiants d'abonnés, et routeur de service d'accès
WO2011147371A1 (fr) Procédé et système pour la mise en œuvre d'une transmission de données entre des machines virtuelles
WO2009012675A1 (fr) Passerelle de réseau d'accès, terminal, procédé et système pour établir une connexion de données
CN112615810B (zh) 一种访问控制方法及装置
WO2012089001A1 (fr) Procédé et dispositif d'allocation d'adresse ip
WO2017124965A1 (fr) Procédé d'accès réseau pour terminal à système d'exploitation multiple et terminal à système d'exploitation multiple
WO2009079895A1 (fr) Procédé permettant d'attribuer une adresse ip secondaire sur la base d'une authentification d'accès dhcp
WO2010000157A1 (fr) Procédé de configuration, équipement et système de dispositif d'accès
WO2012126335A1 (fr) Procédé de contrôle d'accès, dispositif d'accès et système
US20240098583A1 (en) PDU session continuity for a UE moving between a telecommunications network and a gateway device
WO2009079896A1 (fr) Procédé d'authenfication d'accès utilisateur fondé sur un protocole de configuration d'hôte dynamique
WO2021121040A1 (fr) Procédé et appareil d'accès à large bande, dispositif et support de stockage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11803096

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11803096

Country of ref document: EP

Kind code of ref document: A1