1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-20 04:02:27 +00:00
freebsd-ports/security/arpCounterattack/pkg-plist
Steven Kreuzer c1c42fcce0 arpCounterattack is a program for detecting and remedying "ARP attacks." It
monitors traffic on any number of Ethernet interfaces and examines ARP replies
and gratuitous ARP requests. If it notices an ARP reply or gratuitous ARP
request that is in conflict with its notion of "correct" Ethernet/IP address
pairs, it logs the attack if logging is enabled, and, if the Ethernet
interface that the attack was seen on is is configured as being in aggressive
mode, it sends out a gratuitous ARP request and a gratuitous ARP reply with
the "correct" Ethernet/IP address pair in an attempt to reset the ARP tables
of hosts on the local network segment. The corrective gratuitous ARP request
and corrective gratuitous ARP reply can be sent from an Ethernet interface
other than the one that the attack was seen on.

WWW: http://acm.poly.edu/wiki/ARP_Counterattack

PR:		ports/151973
Submitted by:	Boris Kochergin <spawk@acm.poly.edu>
2011-04-27 17:42:00 +00:00

7 lines
423 B
Plaintext

sbin/arpCounterattack
@unexec if cmp -s %D/etc/arpCounterattack/arpCounterattack.conf.sample %D/etc/arpCounterattack/arpCounterattack.conf; then rm -f %D/etc/arpCounterattack/arpCounterattack.conf; fi
etc/arpCounterattack/arpCounterattack.conf.sample
@exec if [ ! -f %D/etc/arpCounterattack/arpCounterattack.conf ] ; then cp -p %D/%F %B/arpCounterattack.conf; fi
etc/arpCounterattack/oui.txt
@dirrmtry etc/arpCounterattack