mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-20 04:02:27 +00:00
16 lines
892 B
Plaintext
16 lines
892 B
Plaintext
arpCounterattack is a program for detecting and remedying "ARP attacks." It
|
|
monitors traffic on any number of Ethernet interfaces and examines ARP replies
|
|
and gratuitous ARP requests. If it notices an ARP reply or gratuitous ARP
|
|
request that is in conflict with its notion of "correct" Ethernet/IP address
|
|
pairs, it logs the attack if logging is enabled, and, if the Ethernet
|
|
interface that the attack was seen on is configured as being in aggressive
|
|
mode, it sends out a gratuitous ARP request and a gratuitous ARP reply with
|
|
the "correct" Ethernet/IP address pair in an attempt to reset the ARP tables
|
|
of hosts on the local network segment. The corrective gratuitous ARP request
|
|
and corrective gratuitous ARP reply can be sent from an Ethernet interface
|
|
other than the one that the attack was seen on.
|
|
|
|
WWW: http://acm.poly.edu/wiki/ARP_Counterattack
|
|
|
|
-Boris Kochergin <spawk@acm.poly.edu>
|