Shulou(Shulou.com)06/01 Report--

This article provides you with tips on how to prevent mac address cloning and IP theft. The article uses WSG Internet behavior management gateway to deal with IP address theft and MAC address cloning, I hope you can gain something through this article.

How to prevent IP address theft?

There are two possibilities for IP address theft: the first is to modify it to an IP address outside the control range; the second is to modify it to the IP address of other terminals in the local area network.

For the first case, you only need to pass a firewall policy or behavior management policy to prohibit everything outside the IP range. As shown in the figure:

Stealing an existing IP address can lead to IP address conflicts, which few people dare to do openly. Of course, to prevent theft of existing IP addresses, you can also open IP-MAC binding. After the binding is enabled, only when the IP address and MAC address match can you access the Internet. As shown in the figure:

As long as IP-MAC binding is done, even if the IP address is modified to an IP address with other permissions in the local area network, it is also impossible to access the Internet. This will prevent the behavior of modifying IP by itself.

How to prevent MAC address cloning?

MAC address cloning is basically two ways:

1). Modify your MAC address to bypass surveillance. However, most control policies are based on IP addresses, and it is useless to modify MAC. If you want to prevent MAC modification, it is sufficient to turn on IP-mac binding.

2). Connect the router privately and modify the MAC and IP of the router to the MAC and IP of the computer. Then use the router to bring devices such as PCs and mobile phones.

The second situation is more complicated than the first. From the perspective of upper Internet behavior management and firewall equipment, IP and MAC addresses are legal, but in fact there are more private devices. At this time, you need to use another module "shared detection". As shown in the figure:

The sharing detection module can detect the network sharing behavior described above, and can see the secondary terminal device below this device. As shown in the figure:

This allows you to detect the behavior of private routers.

To sum up, in combination with ip control, IP-MAC binding, and sharing detection, violations such as "mac address cloning" and "IP theft" in the local area network can be effectively controlled.

About preventing mac address cloning and IP theft methods to share here, I hope the above content can be of some help to everyone, you can learn more knowledge. If you like this post, share it with more people.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.