Practical skills: enable the Linux system to effectively defend against ARP attacks

Article title: practical tips: enable the Linux system to effectively defend against ARP attacks. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Log on as an administrator and enter

1. # arp-a>/etc/ethers

Import ip and mac addresses to ethers

2. # vi/etc/ethers

Edit the file format. the content of the ethers file must be deleted in any of the following formats.

192.168.1.X XX: XX

192.168.1.X XX: XX

......

// Note that mac is capitalized, and there is no O, only zero, ip and mac space

3. # vi/etc/rc. d/rc. local // open and display the/etc/rc. d/rc. local file and the startup item file.

# I // Edit

// Execute arp-f at startup to bind according to the content in/etc/ethers

Add the last line in the/etc/rc. d/rc/local file

Arp-f

Exit editing from ESC

: Wq // save and edit

4. # arp-f // run the save binding

(Gateway mac is not included in ethers; otherwise, an error is reported)

This can only prevent some arp attacks. If you import all the ip mac addresses in the network into the ethers file, it can effectively prevent arp attacks.

1. nmap-sP 192.168.11.0/24

Scan, the result is that my arp table contains the mac of all machines in that network segment, copy all information to the/etc/ethers file

2, 3, 4 Same as above