1

I've seen a few methods to detect ARP Spoofing attacks through code(such as this), and ways to defend against these attacks through software and switches (like arp spoofing protection on LAN). How would I prevent arp spoofing with my own code(conceptually)? I wasn't sure if this would be better for Stackoverflow or this site.

EDIT: I don't care so much about any specific language, psuedocode would be great but I'm also fine with just the conceptual side of things.

Community
  • 1
Dylan Katz
  • 243
  • 1
  • 3
  • 9
  • what kind of code? I'm not sure I understand the question since most high level code won't have much to do with frame-level network traffic? – pacifist Apr 07 '14 at 13:45
  • Sorry I should have been more specific, I don't care so much about any specific language, psuedocode would be great if possible. – Dylan Katz Apr 07 '14 at 21:20
  • 1
    ... you mean re-implementing arp spoofing detection or prevention? Any kind of solution that alerts when there are multiple mac addresses claiming to be a particular IP or even flagging changes; also solutions that try to lock down entries to a 'known good' state. – pacifist Apr 09 '14 at 04:32
  • pacifist, I'm hoping for prevention, is there any reliable way to prevent this other than just alerting the user or disconnecting from the network? – Dylan Katz Apr 10 '14 at 17:59
  • 1
    its fairly system dependent but anything that stops your machine using malicious routes would do the trick. In practice things change so such a system usually becomes less practical if someone really did change ports or interfaces in a way that affects arp legitimately. – pacifist Apr 10 '14 at 23:43

0 Answers0