- 學位論文
以RADIUS和DHCP為基礎的網管系統之研究
A Study of Network Management System Based on RADIUS and DHCP
摘要
定位使用者位置及IP盜用問題是IP地址管理的兩大難題,正確的定位使用者位置,能在網路發生問題時協助管理者找出問題的所在進而加以排除,而成功防止IP盜用則能避免惡意的資料竊取。 本研究使用已普及於網路設備的功能來達成快速定位使用者位置並防止IP盜用問題。其中802.1X只允許授權的使用者能使用網路,RADIUS accounting提供使用者、使用者所在位置和網卡MAC地址資訊,DHCP動態分配IP地址解決移動式上網設備的問題並取得MAC地址與IP地址的關聯,由此進一步取得使用者、使用者所在位置、使用網卡MAC地址和IP地址的關聯產生提供定位使用者的資料。再藉由802.1X只允許授權的MAC地址可以使用網路並加上自動腳本的協助設定網路設備只允許相對應的IP地址可以使用網路進而達到防止IP盜用的功能。
並列摘要
Quickly finding user location and preventing unauthorized use of IP address are two challenges of IP address management. In this study we use well deployed functions to achieve the goal of finding user location quickly and preventing unauthorized use of IP address. We use IEEE 802.1X to allow only authorized users access to the network, use RADIUS accounting to collect the username, user location and MAC address information, and use DHCP to ease the IP address management and establish the association between MAC and IP address. Finally, we construct a table with information including username, user location, MAC address, and IP address automatically. With this table, we can quickly find the user location and with the help of automation script, we can prevent unauthorized use of IP address.