Last time I talked about the Windows anti-ARP method: http://www.bkjia.com/Article/201107/97251.html
Now there are more Linux users and more Linux servers. This site is Linux.
The Linux anti-ARP attack method is bound to the MAC table.
Input arp-a under ssh
Will return
Localhost (192.168.1.1) at 00: 73: 44: 5c: 51: e0 [ether] on eth0
00: 73: 44: 5c: 51: e0 is the MAC address of the gateway.
192.168.1.1 is the IP address of the gateway.
Using vim to create a document in/etc is called safe121-mac ~
Input:
192.168.1.1 00: 73: 44: 5C: 51: E0
(Uppercase for MAC)
Then bind
Arp/f/etc/safe121-mac
Then arp-a will output
Localhost (192.168.1.1) at 00: 73: 44: 5c: 51: e0 [ether] PERM on eth0
Are there any differences? If PERM is added, the operation is successful.
Enable Automatic Binding later
DebianLinux
Vim/etc/rc. local
If other systems
Vim/etc/rc. d/rc. local
Add one
Arp/f/etc/safe121-mac
In this way, a static gateway is bound and arp is not afraid ~
From: network security technology blog