forked from Lainports/opnsense-ports
8cb1a96ede
Taken from: https://github.com/freebsd/freebsd-ports.git Commit id: 5070672073b68be364139bc6b3a89100bd17d331
13 lines
853 B
Text
13 lines
853 B
Text
arpCounterattack is a program for detecting and remedying "ARP attacks." It
|
|
monitors traffic on any number of Ethernet interfaces and examines ARP replies
|
|
and gratuitous ARP requests. If it notices an ARP reply or gratuitous ARP
|
|
request that is in conflict with its notion of "correct" Ethernet/IP address
|
|
pairs, it logs the attack if logging is enabled, and, if the Ethernet
|
|
interface that the attack was seen on is configured as being in aggressive
|
|
mode, it sends out a gratuitous ARP request and a gratuitous ARP reply with
|
|
the "correct" Ethernet/IP address pair in an attempt to reset the ARP tables
|
|
of hosts on the local network segment. The corrective gratuitous ARP request
|
|
and corrective gratuitous ARP reply can be sent from an Ethernet interface
|
|
other than the one that the attack was seen on.
|
|
|
|
WWW: http://acm.poly.edu/wiki/ARP_Counterattack
|