ARP Counterattack

From Association for Computing Machinery

This program aims to detect and remedy "ARP attacks." It monitors traffic on an Ethernet interface (configured in arpCounterattack.conf) and examines ARP replies and gratuitous ARP requests. If it notices an ARP reply or gratuitous ARP request that is in conflict with its notion of "correct" Ethernet/IP address pairs (also configured in arpCounterattack.conf), it informs the user of the situation by printing a message to standard output, and sends out a gratuitous ARP request with the "correct" Ethernet/IP address pair in an attempt to reset the ARP tables of hosts on the local network segment.

The code is C/C++ and aims to be compact, requiring libpcap as the only third-party library. It has been tested with GCC 3.4, 4.1, and 4.2, on FreeBSD and GNU/Linux, and on 32- and 64-bit and little- and big-endian processors.

Download: ARP Counterattack 1.0.0

Retrieved from "http://acm.poly.edu/wiki/ARP_Counterattack"

ARP Counterattack

From Association for Computing Machinery

Views

Personal tools

Navigation

Search

Toolbox