Special Forums IP Networking Protection against arp spoofing Post 302586383 by chrisperry on Sunday 1st of January 2012 11:25:39 AM
Old 01-01-2012
Protection against arp spoofing

Hi, I'm trying to find a way to protect my network against arp spoofing.

What it is:
An attacker sends fake arp packets in the network, identifying himself as the router. All network traffic is then redirected to this attacker.

How to protect myself:
In my opinion, the best possible protection is an arptables firewall running on my router. But I'm not sure how to set it up properly. It should be similar to iptables, so I tried:

Code:
arptables -P INPUT DROP
arptables -P OUTPUT DROP
arptables -A INPUT -s 192.168.1.1 --source-mac MAC:OF:MY:ROUTER -j ACCEPT
arptables -A OUTPUT -d 192.168.1.1 --destination-mac MAC:OF:MY:ROUTER -j ACCEPT

So all arp packets are dropped (default policy DROP, first two lines) and only those coming from or to my router (= valid ones) are allowed.
But for some reason, my whole network collapses after executing this command. Any idea what is wrong?

Last edited by DukeNuke2; 01-01-2012 at 01:01 PM..
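
As an added example (not part of the original post), this small Python model of first-match chain evaluation shows what the posted rules do to ordinary ARP traffic when they run on the router 192.168.1.1 itself. Beside it is a hypothetical narrower policy for a client host that drops only ARP claiming the router's IP from a different MAC. All MAC addresses and the client IP are constructed, and the matching logic is a simplification, not arptables' own code.

```python
# Simplified model (an assumption, not arptables' code): a chain is an ordered
# rule list, the first rule that hits decides, otherwise the policy applies.
ROUTER_IP = "192.168.1.1"            # from the post
ROUTER_MAC = "02:00:00:00:00:01"     # constructed stand-in for MAC:OF:MY:ROUTER
CLIENT_IP, CLIENT_MAC = "192.168.1.50", "02:00:00:00:00:50"   # constructed
ROGUE_MAC = "02:00:00:00:00:66"      # constructed host falsely claiming ROUTER_IP
ZERO_MAC = "00:00:00:00:00:00"       # target MAC field of an ARP request

def pkt(src_ip, src_mac, dst_ip, dst_mac):
    return {"src_ip": src_ip, "src_mac": src_mac, "dst_ip": dst_ip, "dst_mac": dst_mac}

def hits(rule, p):
    # "match" fields must all be equal; "differ" fields must all be unequal.
    return (all(p[k] == v for k, v in rule.get("match", {}).items())
            and all(p[k] != v for k, v in rule.get("differ", {}).items()))

def verdict(chain, policy, p):
    for rule in chain:
        if hits(rule, p):
            return rule["target"]
    return policy

# The posted rules, as they behave on the router itself (policy DROP).
POSTED_INPUT = [{"match": {"src_ip": ROUTER_IP, "src_mac": ROUTER_MAC}, "target": "ACCEPT"}]
POSTED_OUTPUT = [{"match": {"dst_ip": ROUTER_IP, "dst_mac": ROUTER_MAC}, "target": "ACCEPT"}]

# Hypothetical narrower INPUT policy for a client host (policy ACCEPT): drop only
# ARP that claims the router's IP from any MAC other than the router's.
PINNED_INPUT = [{"match": {"src_ip": ROUTER_IP}, "differ": {"src_mac": ROUTER_MAC},
                 "target": "DROP"}]

client_request = pkt(CLIENT_IP, CLIENT_MAC, ROUTER_IP, ZERO_MAC)   # "who has 192.168.1.1?"
router_reply = pkt(ROUTER_IP, ROUTER_MAC, CLIENT_IP, CLIENT_MAC)   # router answering
forged_reply = pkt(ROUTER_IP, ROGUE_MAC, CLIENT_IP, CLIENT_MAC)    # wrong MAC for router IP

def results():
    return {
        "router INPUT, client request": verdict(POSTED_INPUT, "DROP", client_request),
        "router OUTPUT, router reply": verdict(POSTED_OUTPUT, "DROP", router_reply),
        "client INPUT, router reply": verdict(PINNED_INPUT, "ACCEPT", router_reply),
        "client INPUT, forged reply": verdict(PINNED_INPUT, "ACCEPT", forged_reply),
        "client INPUT, peer request": verdict(PINNED_INPUT, "ACCEPT", client_request),
    }

if __name__ == "__main__":
    for name, v in results().items():
        print(f"{name}: {v}")
```

In this model the router drops both the client's request and its own reply, because neither carries the router's address in the field the posted rules test.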
 

VLAN-INTERFACES(5)                File formats                VLAN-INTERFACES(5)

NAME
       /etc/network/interfaces (vlan) - vlan extensions for the interfaces(5) file format

DESCRIPTION
       /etc/network/interfaces contains network interface configuration information for the ifup(8) and ifdown(8) commands. This manpage describes the vlan extensions to the standard interfaces(5) file format. Primary extensions exist to make and destroy vlan interfaces, secondary extensions exist for ipv4 interface manipulation which are generally needed when using (a lot of) vlans.

VLAN CREATION
       Vlan interface definitions exist of the vlan interface name, and an optional 'raw-device' parameter. Vlan interfaces are numbered 1 to 4095. You have the option to have interface names zero-padded to 4 numbers, or just the plain digits without leading zero. The following example shows four ways to create a vlan with id 1 on interface eth0. They all result in different names.

       iface eth0.1 inet static
            address 192.168.1.1
            netmask 255.255.255.0

       iface vlan1 inet static
            vlan-raw-device eth0
            address 192.168.1.1
            netmask 255.255.255.0

       iface eth0.0001 inet static
            address 192.168.1.1
            netmask 255.255.255.0

       iface vlan0001 inet static
            vlan-raw-device eth0
            address 192.168.1.1
            netmask 255.255.255.0

       # We don't have br support out of the box
       iface br0.2 inet static
            vlan-raw-device br0
            address 192.168.1.1
            netmask 255.255.255.0

       # Aliases are ignored
       iface br0.2:1 inet static
            address 192.168.1.1
            netmask 255.255.255.255

EXTRA IFACE OPTIONS
       Usually someone who uses vlans also wants to do some other manipulations with the ip stack or interface.

       vlan-raw-device devicename
              Indicates the device to create the vlan on. This is ignored when the devicename is part of the vlan interface name.

       ip-proxy-arp 0|1
              Turn proxy-arp off or on for this specific interface. This also works on plain ethernet like devices.

       ip-rp-filter 0|1|2
              Set the return path filter for this specific interface. This also works on plain ethernet like devices.

       hw-mac-address mac-address
              This sets the mac address of the interface before bringing it up. This works on any device that allows setting the hardware address with the ip command.

AUTHOR
       This manpage was adapted from interfaces(5) by Ard van Breemen <ard@kwaak.net>

SEE ALSO
       vconfig(8) interfaces(5)

vlan                              September 30 2007                VLAN-INTERFACES(5)