Security Basics mailing list archives

Re: ARP spoofing attacks

From: Chris Moody <cmoody () qualcomm com>
Date: Wed, 14 Apr 2004 16:32:16 -0700 (PDT)

The best way i know of thus far is to enable "port security" in some form
or another.  Cisco switches can lock the port down to only allow a certain
MAC.  If you spoof...the port drops.

Arpwatch and a NIDS can also watch for this type of traffic...but it is
spotty and requires the architecture/heirarchy to be setup correctly for
it to work properly.

Cheers,
-Chris



On Wed, 14 Apr 2004, Amit Agrawal wrote:


Hi
 I have a question...How do u secure
 against ARP spoofing attacks...If
 not the whole subnet...I want to be
 sure that no one spoofs the IP of
 my gateway.

Amit


--
     ()
 3-| |!-| c|



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

syslog GUI for Linux Omar Khawaja (Apr 08)
- Re: syslog GUI for Linux Daniel Cid (Apr 12)
  - ARP spoofing attacks Amit Agrawal (Apr 14)
    - Re: ARP spoofing attacks Chris Moody (Apr 15)
    - Re: ARP spoofing attacks Matthias Vallentin (Apr 16)
    - Re: ARP spoofing attacks Chris Moody (Apr 19)
    - Re: ARP spoofing attacks Markus Schabel (Apr 19)
    - Re: ARP spoofing attacks die tuere (Apr 15)
    - RE: ARP spoofing attacks David Gillett (Apr 15)
    - Re: ARP spoofing attacks Markus Schabel (Apr 16)
    - RE: ARP spoofing attacks Ranjeet Shetye (Apr 16)
- Re: syslog GUI for Linux aruna (Apr 19)
  - Re: syslog GUI for Linux Daniel Cid (Apr 21)
    - Filtering SPAM with Linux ivan.hernandez (Apr 27)

(Thread continues...)