With the development of network technology, there are more and more attacks in the network. ICMP is a simple nonconnected network layer protocol; many people who have a bad purpose often implement different kind of attacks using the insufficiency of the ICMP. The thesis studies the principle of ICMP, analyses kinds of attacks, points out that there is a main insufficiency inside the ICMP datagram —— easy to forge. The thesis has designed a blue print that can improve the authenticity and integrality of ICMP —— ICMP Security Tail (ICMP ST for short) Project. ICMP Security Tail is a data structure that inserted in the tail of the ICMP datagram, composed of Tag Field, Length Field, Sequence Field, Communication Key Field, and Error-Correcting Code Field. Each ICMP ST maps a Security Tail Association (STA for short) which arranged by the communicators beforehand. This two structures and a series of relative operators compose the ICMP ST Security Project, provides the Identity Authentication and Forward Error Correction. The project not only supports all kinds of ICMP datagram, but also will never influence the running of any network equipment, and can be well compatible with other equipments and protocols. If they want, any network equipment can implements the project to provides the Identity Authentication and Forward Error Correction by updating their ICMP controlling software.

[ 本帖最后由 linx00 于 2008-6-1 14:29 编辑 ]

原文：

随着网络技术的发展，网络攻击的手段也越来越多样。ICMP是一种简单的无连接的网络层协议，很多居心叵测的人经常利用ICMP的不足来实行各种目的的攻击。本文通过研究ICMP报文的工作原理，分析各种攻击手段，指出了目前ICMP报文最主要的不足——易伪造。

本文设计了一个提高ICMP报文真实性和完整性的方案——ICMP安全尾部（简称ICMP ST）方案。ICMP安全尾部是一个安插在ICMP报文数据尾部的数据结构，由结构标记字段、结构长度字段、序列号字段、通信密钥字段和纠错码字段五个字段组成。ICMP ST与一个通信双方事先约定好的数据结构——安全尾部关联（简称STA）形成一一映射关系。由这两个数据结构和相关的一系列操作共同组成ICMP ST安全方案，为ICMP报文提供身份认证和纠错功能。

此方案不但支持所有ICMP报文，而且不影响现有网络任何设备的正常运行，和现有设备完全兼容。根据需求，只要更新网络设备中的ICMP控制软件，便能够该设备上实施这个安全方案，为ICMP报文实现身份认证和纠错功能。

莫非是太乱了? 怎么没人帮忙看下?

这个东西有点太专业，不容易翻译啊。修改如下，仅供参考：

With the development of network technology, there appear more and more ways of cyber attacks. ICMP is a simple, non-linking network layer protocol and many people with evil purposes often launch various attacks on it by taking advantage of its weaknesses. This thesis, through studies of the principles of ICMP, analyzes various tricks of attacks, and points out that the major weakness of the ICMP datagram lies in the fact that it can be forged easily.To solve the problem, this thesis brings up a scheme for improving the authenticity and integrality of ICMP——ICMP Security Tail (ICMP ST for short) Scheme. ICMP Security Tail is a data structure inserted in the tail of the ICMP datagram, composed of Tag Field, Length Field, Sequence Field, Communication Key Field, and Error-Correcting Code Field. Each ICMP ST maps a corresponding Security Tail Association (STA for short) arranged by both parties of the communicators in advance. This two structures and a series of relative operators compose the ICMP ST Security Scheme, providing the Identity Authentication and Forward Error Correction. The scheme supports all kinds of ICMP datagram, without affecting the normal running of any network equipment. It is well compatible with current equipment and protocols. When needed, the Security Scheme can, by merely updating the ICMP control software, be executed on any network equipment, and thus fulfills its functions of Identity Authentication and Forward Error Correction.

非常感谢, 不愧是版主啊~~~~~

唉 我自己连人称都搞错了.....