
Blocking ARP Cache poisoning

Posted by: Vivek Khokhar in Linux

Manually add all MAC addresses.

Get the MAC address of each machine using ifconfig.

To manually add a MAC address to the ARP entries, use the following command:
# arp -s 207.35.78.3 00:50:DA:C6:D3:FF
WARNING: If you receive an error message like "SIOCSARP: Invalid argument", it is because the MAC (Media Access Control) address you are trying to add is that of your own server. You must add only the MAC addresses of INTERNAL computers in your private network. This hack doesn't apply to external nodes on the Internet.

You can now be reassured that someone cannot change the IP address of an INTERNAL system and get through. If they do change the IP address, the server simply won't talk to them. With the new iptables tool of Linux, which replaces the old ipchains utility for packet filter administration and firewall setup, MAC addresses can be filtered and configured in the firewall rules too.
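
As an added example (not from the original post): a shell function that turns an inventory of IP/MAC pairs into `arp -s` commands like the one above, skipping the server's own MAC (the SIOCSARP case in the warning) and malformed lines. The function name `gen_static_arp`, the inventory format, every address except the page's 207.35.78.3 pair, and the paired iptables `mac` match rule are assumptions made for this illustration; the commands are printed for review rather than executed.

```shell
#!/bin/sh
# Added example: print (do not run) static ARP commands for an inventory of
# "IP MAC" lines read from stdin. $1 is this server's own MAC address.
gen_static_arp() {
    awk -v own="$1" '
    function valid_ip(ip,    o, n, i) {
        n = split(ip, o, ".")
        if (n != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 0
        return 1
    }
    function valid_mac(m) {
        # six hex octets separated by colons (17 characters in total)
        return length(m) == 17 && m ~ /^[0-9A-F][0-9A-F](:[0-9A-F][0-9A-F])+$/
    }
    /^[ \t]*(#|$)/ { next }              # ignore comments and blank lines
    {
        ip = $1; mac = toupper($2)
        if (!valid_ip(ip) || !valid_mac(mac)) {
            print "rejected (malformed): " $0 > "/dev/stderr"; next
        }
        if (mac == toupper(own)) {
            # arp -s on our own MAC fails with SIOCSARP: Invalid argument
            print "skipped (own MAC): " $0 > "/dev/stderr"; next
        }
        print "arp -s " ip " " mac
        # Assumed companion rule: drop traffic that claims this IP but
        # arrives from any other MAC address.
        print "iptables -A INPUT -s " ip " -m mac ! --mac-source " mac " -j DROP"
    }'
}

# Constructed sample inventory; only the first pair appears on the page.
SAMPLE='207.35.78.3 00:50:DA:C6:D3:FF
207.35.78.4 00:50:da:c6:d3:01
207.35.78.2 00:50:DA:C6:D3:AA
207.35.78.999 00:50:DA:C6:D3'

# The third line carries the server's own (constructed) MAC and is skipped.
printf '%s\n' "$SAMPLE" | gen_static_arp 00:50:da:c6:d3:aa
```

Entries added with `arp -s` live in the kernel's ARP table and are lost on reboot, so the reviewed output has to be reapplied at boot.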

This entry was posted on Monday, October 9th, 2006 at 3:13 am and is filed under Linux.
