Solution to ARP attacks in Linux

Recently, the ARP virus in our company's LAN has become popular. Users in Windows can use the antiARP firewall to solve the problem, but what should we do if we like Linux's siblings, I have encountered this problem today. I used Fedoracore6. I first mounted several image files and searched ARPtables with the keyword ARP. ARPwatcher and ARPwatcher were the first to be ARPwatcher, it seems that only the ip address or ARP Address of the local machine can be monitored.

Recently, the ARP virus in our company's LAN has become popular. Users in Windows can use the antiARP firewall to solve the problem, but what should we do if we like Linux's siblings, I have encountered this problem today.

I used Fedora core 6. I first mounted several image files and used the keyword ARP to search for ARPtables. ARPwatcher and ARPwatcher were the first to search for ARPwatcher, it seems that it can only monitor changes to the local ip Address/ARP Address, and does not seem to prevent ARP attacks. After reading ARPtables, I immediately thought of iptables and installed it. The command lines are exactly the same. But the problem is that it is very easy to keep the local machine from ARP attacks (it can be bound with static ARP), but the gateway still needs to be attacked, and we are not network administrators, gateway I can only "stay in the dark, not stay in the dark"!

This cannot be achieved. Let's change the way and search for the Internet! After looking for several "reincarnation", ARPing came into my eyes and went back to shell and found that it had been installed and pulled:

"ARPing-send arp request to a neighbor host" ARPing [-AbDfhqUV] [-c count] [-w deadline] [-s source]-I interface destination-U Unsolicited ARP mode to update neighbors 'Arp caches. no replies are expected.

Key commands:

Nic interface of the ARPing-U-I package-s source ip address destination ip address

Instance:

Assume that the ip address of your eth0 interface is 192.168.1.1 and the gateway is 192.168.1.255.

ARPing-U-I eth0-s 192.168.1.1 192.168.1.255

--------------------------------------------------------------------------------

-S src_ip: Specify the source ip address as src_ip

-I ethi: Specify the ethi Nic

Relevant command parameter table-c n: exit the program after sending n data packets

-W sec, sec, seconds later, exit the program

-F. Exit the program after receiving a response packet.

-Q quiet Mode

-V display version

--------------------------------------------------------------------------------

Summary:

Fedora Core 6 The first disk contains ARPing, install/Fedora/RPMS/iputils-20020927-41.fc6.i386.rpm package can be

ARPing does not seem to be as powerful as antiARP, but it is basically enough.

ARPing requires the root permission to run