Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Protection against arp spoofing
Special Forums IP Networking Protection against arp spoofing Post 302586553 by Corona688 on Monday 2nd of January 2012 12:04:50 PM
Old 01-02-2012
ARP packets aren't routed, they are local subnet traffic. So putting arptables on your gateway won't stop arp going anywhere else. This means an attacker would have to actually be on your local network to spoof arp, too.

If you do have some strange configuration where all arp must pass through your router and an attacker could attach to your local network from afar, there's a lot of important arp traffic that must be broadcasted, too, you can't cavalierly block everything except certain sources and destinations.
 

7 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Spoofing paths.

There is a program that I am trying to run on a shell account. It depends on another program, which I have also copied to the shell account. Both are in my home directory, yet the first program has a different path hardcoded into it, which I cannot use because of permissions problems. How can I... (3 Replies)
Discussion started by: fahadsadah
3 Replies

2. UNIX for Dummies Questions & Answers

Spoofing a From Address in SMTP

Hi, I am currently using Mailx to send a mail message from my unix account via an SMTP relay. This is working ok. However from the recipient end the FROM address they see on mails received is <unix account>@<domain> eg prod@liveserver.com Is there anyway I can spoof this FROM address from the... (1 Reply)
Discussion started by: jimthompson
1 Replies

3. Cybersecurity

Help Make a spoofing DNS using pcap library

Hello all, i need your quick help. I have assignment project class to make a program using pcap library to spoofing DNS in linux environment. Can anyone help me, because i'm newbie in network security and in C?:confused: Regards, ptrfw (1 Reply)
Discussion started by: riska_bali
1 Replies

4. Cybersecurity

MAC Address spoofing

There is a question in the SCO section asking for information on how to change the MAC address of a NIC. Is there a valid reason for wanting to change the MAC address? (1 Reply)
Discussion started by: jgt
1 Replies

5. Solaris

MAC spoofing a virtual NIC on Solaris 5.0

Hi everybody! I'm facing a problem and I doubt about the solution (I'm not very familiar with old *NIXs). An external network supplier (let's call them "telco") just installed new communication components that filters MAC addresses. I have a Solaris 5 server, with 1 NIC (hte0) which is... (6 Replies)
Discussion started by: Isharfoxat
6 Replies

6. OS X (Apple)

ethernet mac spoofing

I tried to use the command sudo ifconfig en0 ether xx:xx:xx:xx:xx:xx to do mac spoofing for internet connection in my office. It works only for 5 minutes. Every time after about 5mins, the Internet will be disconnected. :wall: Any one knows how to solve this problem? Thanks. (6 Replies)
Discussion started by: andrewust
6 Replies

7. UNIX for Dummies Questions & Answers

Running into problems while spoofing IP Address

I have a machine (IP:192.168.1.185) and i want to send spoofed IP address (e.g. 192.168.1.212) to another machine(192.168.1.213) . I am using a spoofing program for this which uses raw sockets. Now whenever i pass the parameters(spoofed ip addr and destination) to the output of the program, i... (2 Replies)
Discussion started by: syncmaster
2 Replies

LEARN ABOUT PLAN9

arp

ARP(3)							     Library Functions Manual							    ARP(3)

NAME

       arp - Internet Address Resolution Protocol

SYNOPSIS

       bind -a #a /net/arp

       /net/arp/ctl
       /net/arp/data
       /net/arp/stats

DESCRIPTION

       The  arp  device  provides  the	means by which the kernel resolves IP addresses into Ethernet addresses.  A cache is maintained by the arp
       device to speed the process.

       The ctl file controls the ARP cache maintained by the kernel.  The flush control message invalidates all entries in the cache.  The  delete
       ipaddr control message invalidates a single cache entry.  All IP addresses passed to the system are in the canonical textual form described
       in ip(2).  The perm ipaddr control message makes an existing cache entry permanent.

       When the kernel boots, ipconfig sets up the IP stream and arpd opens #a/arp/data (see ipconfig(8)).  This establishes  the  ARP	cache  and
       enables	arpd to receive all ARP packets from the network, which it uses to maintain the cache by writing the results of address resolution
       requests back into the cache.  The IP stream module uses the cache to translate IP addresses.

       Subsequent opens of the data file allow the contents of the cache to be examined.  Each cache entry consists of an IP address, an  Ethernet
       address,  and  the  status  of  the entry.  Entries may be invalid, permanent, or temporary.  Permanent entries will never be aged from the
       cache.  Temporary entries may be replaced by new addresses entered by the ARP server.

       The file stats reports the cache performance.

SEE ALSO

       ip(3), ipconfig(8)

SOURCE

       /sys/src/9/port/devarp.c

																	    ARP(3)
All times are GMT -4. The time now is 07:09 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy