Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

Prevent ARP spoofing

2025-01-18 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

Foreword:

Once because the students in the dormitory often stayed up late to play games, good advice didn't work. I had no choice but to use arp to deceive their mainframe, so that the game was delayed and dropped after 11:00 at night. Finally, at 11:00, the students all went to bed.

Three ways to prevent arp spoofing:

Statically bind mac addresses on the host

Arp Firewall on the host

Take advantage of the switch's anti-arp spoofing technology, such as DAI

Statically bind the mac address on the windows host:

Statically bind the mac address on the linux host:

Do MAC binding on the router:

Use arptable firewall to prevent arp spoofing on linux hosts (360th on windows or security butler can prevent arp spoofing)

The first method binds mac and IP addresses on terminals and gateways, but the second method is based on mac and Ip, but it is different from the first method, and the second method is through firewall software: arptalbes

Arptables firewall is open source, similar to iptables, free download, can be implemented in the linux system to prevent arp spoofing

You need to install gcc before installing arpiptables

Download address: http://sourceforge.net/projects/ebtables/files/arptables

Decompress:

Tar xzf arptables-v0.0.4.tar.gz-C / usr/src

-C is the installation step for extracting the source code program to the specified directory: 1). / configure generates a makefile file. 2) make3) make install adds rules to arptables:

Arptables-An INPUT-- src-ip 192.168.80.200!-- src-mac 01:00:5e:00:00:16-j DROP

Adding a rule means to match the gateway with its real mac address, and if it does not match in the inbound direction, the packet will be lost, which is to use arptables to prevent arp spoofing.

Note; commands in iptables are still valid here, for example, look at the rule: arptables-L-n

Save the configuration when you are done:

Arptables-save saves the configuration

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Host address method firewall fire prevention that is rules static classmate configuration effective security persuasion to put it bluntly switch free download preface function but command vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple Microsoft MariaDB OPPO Reno macOS MySQL Huawei Xiaomi Shulou Tech Info Shulou Information Linux Apple Redmi vpn Shulou Technology Docker NVidia Microsoft MariaDB OPPO Reno macOS MySQL Huawei Xiaomi Shulou Tech Info Shulou Information Linux Apple Redmi vpn Shulou Technology Docker NVidia

Share To

Related

Network Security

More Network Security >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report