mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-20 04:02:27 +00:00
c1c42fcce0
monitors traffic on any number of Ethernet interfaces and examines ARP replies and gratuitous ARP requests. If it notices an ARP reply or gratuitous ARP request that is in conflict with its notion of "correct" Ethernet/IP address pairs, it logs the attack if logging is enabled, and, if the Ethernet interface that the attack was seen on is is configured as being in aggressive mode, it sends out a gratuitous ARP request and a gratuitous ARP reply with the "correct" Ethernet/IP address pair in an attempt to reset the ARP tables of hosts on the local network segment. The corrective gratuitous ARP request and corrective gratuitous ARP reply can be sent from an Ethernet interface other than the one that the attack was seen on. WWW: http://acm.poly.edu/wiki/ARP_Counterattack PR: ports/151973 Submitted by: Boris Kochergin <spawk@acm.poly.edu>
7 lines
423 B
Plaintext
7 lines
423 B
Plaintext
sbin/arpCounterattack
|
|
@unexec if cmp -s %D/etc/arpCounterattack/arpCounterattack.conf.sample %D/etc/arpCounterattack/arpCounterattack.conf; then rm -f %D/etc/arpCounterattack/arpCounterattack.conf; fi
|
|
etc/arpCounterattack/arpCounterattack.conf.sample
|
|
@exec if [ ! -f %D/etc/arpCounterattack/arpCounterattack.conf ] ; then cp -p %D/%F %B/arpCounterattack.conf; fi
|
|
etc/arpCounterattack/oui.txt
|
|
@dirrmtry etc/arpCounterattack
|