Network Security – Defenses against arp spoofing



So, we’ve spent a couple articles talking about arp spoofing. It sounds really bad, it’s a frighteningly easy way to do a “mitm” or man in the middle attack and anyone using arp spoofing could capture ALL network traffic including passwords. There’s got to be an easy fix right? Um…. well. This is not something you’re going to want to read, but there aren’t a lot of good options. It’s possible to setup a static arp table. With a static arp table, a machine ( switch/router ) has a list of known good MAC addresses and which IP addresses they should match.


If you have a small number hardware on the network and there is little changing of hardware, AND you have static IP addresses this might be a good choice. For larger networks it might be too unwieldy to manage though. One approach would be to do a static arp entry for “important” machines. (Like the gateway?) So, this is likely not a reasonable approach for many. (Especially home/small business users.)

Another approach is to be creative with subnets and make sure that untrusted machines get put into a seperate subnet from “trusted” machines.

There is a program called arpwatch that can keep track of what arp/ip address pairings have been found on the network and will report new entries to the administrator. Unfortunately, this last item is not preventative, but will let you know if something odd is up. (Of course, depending on how you retrieve mail from the machine, IF the machine is arp poisoned, the attacker will likely know that the administrator is aware….)

Related Posts

Blog Traffic Exchange Related Posts
  • Network Security guide for the home or small business network - Part 7 - Wireless Networking OK - the last couple of entries got into some heavy lifting and some real learning on your part. Learning about what software needs to run, what services are running, updating them to keep current on security patches. We even talked about securing services listening for outside connections and limiting......
  • Handy Online Network Tools Most of the time when I need to do a Dig or whois or traceroute I'm at a machine that I can use a good command line version of these essential network utilities. However, there are always times when you're at a PC or situation that is either missing some......
  • Network Security guide for the home or small business network - Part 1 - A Hardware firewall Computers can communicate over networks. (Surprise!) That's how you're reading this post. The machine that this site is hosted on is listening for requests for connection. When it receives a request it answers back with a web page. In fact, computers can listen for a great many different kinds of......
Blog Traffic Exchange Related Websites
  • Wireless Broadband Internet-whether It Is LAN Or WAN Service-is Associated Having A Wireless broadband Internet-whether it is LAN or WAN service-is associated having a number of diverse myths. These typically center on security and need to do with anxiety about how info is transmitted over a wireless connection and, furthermore, need to do with concerns about eavesdropping, in several cases. You will......
  • Antique Bicycles Antiques Antique bicycles, even ones as recent as the 1950s and 1960s, are highly sought out and prized among collectors today. Certain brands and types of bicycles are snapped up and restored by bike aficionados who pay far more for the bicycles than they cost when they were new. Some......
  • Antique Singer Sewing Machine Antiques -> Sewing -> Machines and Machine Parts If you love sewing collectibles and are trying to build up your collection, one of the best additions you can find is an antique Singer sewing machine. These machines can enhance any personal collection and may even be the focal point in......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site