arpwatch!


 
# 1  
Old 02-24-2006
arpwatch!

I want to configure arpwatch for IP-level security for some of the machines on the network.

The network is
10.129.112.0/25

but I want to look at those ARP requests which have an IP from
10.129.112.160-179

and only (these machines).

arpwatch -n 10.129.112.160/27 -d

will give a lot of entries other than my network devices.
How do I do it?
ARPSNMP(8)                  System Manager's Manual                  ARPSNMP(8)

NAME
       arpsnmp - keep track of ethernet/ip address pairings

SYNOPSIS
       arpsnmp [ -d ] [ -f datafile ] file [ ... ]

DESCRIPTION
       Arpsnmp keeps track of ethernet/ip address pairings. It syslogs
       activity and reports certain changes via email. Arpsnmp reads
       information from a file (usually generated by snmpwalk(1)).

       The -d flag is used to enable debugging. This also inhibits mailing
       the reports. Instead, they are sent to stderr.

       The -f flag is used to set the ethernet/ip address database filename.
       The default is arp.dat.

       Note that an empty arp.dat file must be created before the first time
       you run arpsnmp.

REPORT MESSAGES
       (See the arpwatch(8) man page for details on the report messages
       generated by arpsnmp(8).)

FILES
       /usr/operator/arpwatch - default directory
       arp.dat - ethernet/ip address database
       ethercodes.dat - vendor ethernet block list

SEE ALSO
       arpwatch(8), snmpwalk(1), arp(8)

AUTHORS
       Craig Leres of the Lawrence Berkeley National Laboratory Network
       Research Group, University of California, Berkeley, CA.

       The current version is available via anonymous ftp:

              ftp://ftp.ee.lbl.gov/arpwatch.tar.gz

BUGS
       Please send bug reports to arpwatch@ee.lbl.gov.

       Attempts are made to suppress DECnet flip flops but they aren't always
       successful.

4th Berkeley Distribution      17 September 2000                     ARPSNMP(8)
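An added example, not part of the thread or of arpwatch: the range in the question, 10.129.112.160-179, is not a single CIDR block (a /27 starting at .160 also covers .180-.191), so this sketch computes the exact blocks for the range and filters the arp.dat database named in the man page above down to those hosts, listing any IP seen with more than one MAC. The arp.dat layout (MAC, IP, epoch timestamp, optional hostname, whitespace separated) is an assumption, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

# Range taken from the question.
FIRST = ipaddress.IPv4Address("10.129.112.160")
LAST = ipaddress.IPv4Address("10.129.112.179")

# Constructed sample in the assumed arp.dat layout (not real data).
SAMPLE_ARP_DAT = """\
0:a:e4:c0:b5:6d\t10.129.112.161\t1140768000\thost161
0:a:e4:c0:b5:6e\t10.129.112.179\t1140768100
0:10:5a:1:2:3\t10.129.112.185\t1140768200
0:10:5a:1:2:4\t10.129.112.20\t1140768300
0:50:56:aa:bb:cc\t10.129.112.161\t1140771600
not a record
"""

def covering_cidrs(first, last):
    """Smallest list of CIDR blocks covering exactly first..last."""
    return list(ipaddress.summarize_address_range(first, last))

def parse_arp_dat(text):
    """Yield (mac, ip, timestamp) tuples, skipping malformed lines."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue
        try:
            yield fields[0].lower(), ipaddress.IPv4Address(fields[1]), int(fields[2])
        except ValueError:  # bad IP or non-numeric timestamp
            continue

def watched_pairings(text, first=FIRST, last=LAST):
    """Map each in-range IP to {mac: latest timestamp seen}."""
    seen = defaultdict(dict)
    for mac, ip, ts in parse_arp_dat(text):
        if first <= ip <= last:
            seen[ip][mac] = max(ts, seen[ip].get(mac, 0))
    return seen

def changed_macs(seen):
    """IPs paired with more than one MAC, MACs ordered oldest to newest."""
    return {str(ip): sorted(macs, key=macs.get)
            for ip, macs in seen.items() if len(macs) > 1}

if __name__ == "__main__":
    print([str(n) for n in covering_cidrs(FIRST, LAST)])
    print(changed_macs(watched_pairings(SAMPLE_ARP_DAT)))
```

An IP that appears with two MACs is the pairing change worth investigating on the watched hosts; records outside the range and unparseable lines are dropped.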