Security Basics mailing list archives

Re: ARP Poisoning

From: Jeff Dickison <kabal () undercoverworld com>
Date: Fri, 08 Nov 2002 11:12:08 -0800

Trevor Cushen wrote:

Hello Michael,

I am looking at that at the moment.  Encryption is the best way to go to
protect against sniffing and there are millions of ways to enable it
around a network in one form or another.

On the other side I am putting together a series of perl scripts and web
front ends to monitor devices on the network because I want to detect
new and unauthorised MAC addresses on my network.

But if a wireless AP was added to the network then I will detect that
too because it will be an unknown MAC address.

I am nearly finished developing this but if anyone knows of a utility
that already does this well then please let me know.

Trevor Cushen
Sysnet Ltd

Hi Trevor,

Have you checked out arpwatch?

Jeff

Attachment: _bin
Description:

Current thread:

ARP Poisoning Michael Ungar (Nov 07)
- Re: ARP Poisoning Matt Hemingway (Nov 08)
- Re: ARP Poisoning ATD (Nov 09)
- <Possible follow-ups>
- Re: ARP Poisoning brien mac (Nov 08)
- RE: ARP Poisoning Trevor Cushen (Nov 08)
  - Re: ARP Poisoning Jeff Dickison (Nov 09)
  - Re: ARP Poisoning Matt Hemingway (Nov 09)
- RE: Arp Poisoning anyluser (Nov 09)