Browse > Article
http://dx.doi.org/10.7236/JIWIT.2011.11.6.093

An Internet Stopper Using ARP Spoofing with Automatic Node Identification  

Jung, In-Hwan (한성대학교 컴퓨터공학과)
Publication Information
The Journal of the Institute of Internet, Broadcasting and Communication / v.11, no.6, 2011 , pp. 93-106 More about this Journal
Abstract
In this paper we describe an efficient and easy to use internet stopper, which is called AINS (Automatic Internet Stopper), which uses ARP spoofing scheme. Instead of forwarding packets to router for the case of hacking, in ARP spoofing, the AINS ignores all the packets so that internet stopping operates. The AINS program needs to be installed only in manager computer that does not require additional agent program. In addition to setting manually the stopping computer list, it is able to indentify network nodes automatically by analyzing broadcasting packets. The experimental results show that less than 4 secs for spoofing interval is enough for blocking internet usage regardless the number of computers and therefore network overhead is negligible. The AINS can indentify and control network nodes not only on same subnet but also on different subnet only if they are connected onto same ethernet switch physically. It is being used for an efficient tool for controling internet usage of university computer laboratory and also for an efficient network management.
Keywords
Internet Stopper; ARP; Spoofing; IP Routing; Automatic Node Identification;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Sean Whalen, An Introducation to Arp Spoofing, April 2001
2 CERTCC-KR, IP spoofing 공격과 대책, CERTCC-KR 기술문서(http://www.certcc.or .kr/a dvisory/tr/IPspoof.html)
3 Metcalfe, Robert M. and Boggs, David R. (July 1976). "Ethernet: Distributed Packet Switching for Local Computer Networks". Communications of the ACM 19 (5): pp. 395-405   DOI
4 David C. Plummer (1982-11). "RFC 826, An Ethernet Address Resolution Protocol ". Internet Engineering Task Force, Network Working Group. http://tools.ietf.org/html/rfc826.
5 Cain & Abel, http://www.oxid.it/cain.html
6 Brad Sanford, IP fragmentation and Fragrouter, http://www.sans.org/InforSecFAQ/encryption/IP_Frag.html, 2000
7 F. Risso and L. Degioanni, "An Architecture for High Performance Network Analysis", Proceedings of the Sixth IEEE Symposium on Computers and Communications, pp. 686 - 693, 2001. http://www.winpcap.org/
8 V. Jacobson, C. Leres and S. McCanne, libpcap, Lawrence Berkeley Laboratory, Berkeley, CA. Initial public release June, 1994. Available now at http://www.tcpdump.org/
9 IETF, Protocol standard for a NetBIOS service on a TCP/UDP transport: Concept and methods, RFC 1001
10 IETF, Internet Standard Subnetting Procedure, RFC 950
11 IpHlpApi Library, Microsoft Platform SDK
12 McPherson, D. and B. Dykes, "VLAN Aggregation for Efficient IP Address Allocation," RFC 3069, February 2001.