Sunday, July 19, 2009

ARP Spoofing

respecting: hello i want to prevent attacks from software like cain and abel
respecting: what must i do ?
crunge: respecting: learn the attacks that tool X does then prepare appropriate defenses for those attacks
respecting: cain and abel made arp spoofing attacks
respecting: can you please give me a tool to prevent such attack?
respecting: Thanks in advance
crunge: respecting: Do you understand the nature of ARP spoofing?
respecting: Yes
respecting: i understand it
respecting: but i don’t know how can i prevent such attacks?
respecting: Can you please help me?
crunge: respecting: the solution is simple - hard code the ARP entries for each device in each device on the network
crunge: respecting: rather, get rid of ARP by hard-coding the IP-MAC relationships
crunge: I didn’t want to insult you by asserting that you don’t understand ARP and ARP spoofing, but I guess I’m content insulting you with an absurd resolution
crunge: To my knowledge there isn’t a good way to prevent ARP spoofing with software. Some switches will allow you to specify which IPs should be seen on each port
crunge: what you can do is get a tool like arpwatch that will track ARP replies and alert you when an IP-MAC relationship changes

No comments:

Post a Comment