Network Security – Defenses against arp spoofing



So, we’ve spent a couple articles talking about arp spoofing. It sounds really bad, it’s a frighteningly easy way to do a “mitm” or man in the middle attack and anyone using arp spoofing could capture ALL network traffic including passwords. There’s got to be an easy fix right? Um…. well. This is not something you’re going to want to read, but there aren’t a lot of good options. It’s possible to setup a static arp table. With a static arp table, a machine ( switch/router ) has a list of known good MAC addresses and which IP addresses they should match.


If you have a small number hardware on the network and there is little changing of hardware, AND you have static IP addresses this might be a good choice. For larger networks it might be too unwieldy to manage though. One approach would be to do a static arp entry for “important” machines. (Like the gateway?) So, this is likely not a reasonable approach for many. (Especially home/small business users.)

Another approach is to be creative with subnets and make sure that untrusted machines get put into a seperate subnet from “trusted” machines.

There is a program called arpwatch that can keep track of what arp/ip address pairings have been found on the network and will report new entries to the administrator. Unfortunately, this last item is not preventative, but will let you know if something odd is up. (Of course, depending on how you retrieve mail from the machine, IF the machine is arp poisoned, the attacker will likely know that the administrator is aware….)

Related Posts

Blog Traffic Exchange Related Posts Blog Traffic Exchange Related Websites
  • The Business of Upholstery Sewing Machines If you are in the business of upholstery, then you need an upholstery sewing machine like Singer 7442 sewing machine or brother sewing machines. You might try to cheap out and purchase a consumer sewing machine; however, these machines will not work for upholstery. The reason why they will not......
  • Hackers breach security giant RSA’s network An interesting article by Silicon Republic about the recent RSA breach. EMC’s security division RSA has revealed its own network has been breached by hackers who launched an ‘extremely sophisticated’ attack that may have compromised the company’s SecureID authentication service. In a note to customers, executive chairman Art Coviello said......
  • Why Get a Quilting Sewing Machine? Quilting is becoming a marvelous new hobby for many people. It is a great way to fill up extra time and learning how to do it is not that difficult. Once the task is mastered the process can become very rewarding. Quilting is not only a great way to fill......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site