Shell code to prevent ARP attacks

Copy codeThe Code is as follows :#! /Bin/bash
Declare gw = 'route-n | grep-e' ^ 0.0.0.0''
Declare gwname = 'echo $ gw | grep-oe '\ w * $''
Declare gwip = 'echo $ gw | grep-oe '[0-9] \ {2, 3 \}\. [0-9] \ {1, 3 \}\. [0-9] \ {1, 3 \}\. [0-9] \ {1, 3 \}''
Declare gwmac = 'Arp-n | grep-e $ gwip | grep-oe '[0-9A-F] \ {2 \}: [0-9A-F] \ {2 \}: [0-9A-F] \ {2 \}: [0-9A-
F] \ {2 \}: [0-9A-F] \ {2 \}: [0-9A-F] \ {2 \}''
Echo "switch $ gwname arp: $ gwip-$ gwmac to static"
Arp-s $ gwip $ gwmac
Echo "done, off arp reuqest .."
Ifconfig $ gwname-arp
Echo "all done ."

Solution to ARP attacks in linux

In Windows, users can use the antiArp firewall to solve the problem. But what do linux brothers and sisters do? Today I have to worry about this problem.
I used fedora core 6. I first mounted several image files and used the keyword arp to search for arptables. arpwatcher and arpwatcher were the first to search for arpwatcher, it seems that it can only monitor changes to the local ip Address/arp Address, and does not seem to prevent arp attacks. After reading arptables, I immediately thought of iptables and installed it. The command lines are exactly the same. But the problem is that it is very easy to keep the local machine from arp attacks (it can be bound with static arp), but the gateway still needs to be attacked, and we are not network administrators, gateway I can only "stay in the dark, not stay in the dark"!
We can't get through this. Let's make another mistake. We can see that arping has caught my eye. We can go back to shell and find that we have installed and pulled it:
"Arping-send arp request to a neighbor host" arping [-AbDfhqUV] [-c count] [-w deadline] [-s source]-I interface destination-U Unsolicited ARP mode to update neighbors 'Arp caches. no replies are expected.
Key commands:
Nic interface of the arping-U-I package-s source ip address destination ip address
Instance:
Assume that the ip address of your eth0 interface is 192.168.1.1 and the gateway is 192.168.1.255.
Arping-U-I eth0-s 192.168.1.1 192.168.1.255