full-disclosure-uk August 2008 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: [Full-disclosure] ArpON detects and blocks A

[Full-disclosure] ArpON detects and blocks Arp Poisoning/Spoofing attacks

From: Andrea Di Pasquale <spikey.it_at_nospam>
Date: Sat Aug 02 2008 - 22:40:22 GMT
To: full-disclosure@lists.grok.org.uk


Hi,
My name is Andrea Di Pasquale and I study at Secondary High School "S. Quasimodo"
in Catania, Italy.

Some time ago I released a research project related to the security of the
address resolution protocol Arp, the project name being Arpon (Arp handler
inspection).

Arpon makes the protocol secure without recurring to algorythms, SSL or any other technology which is not part of the standard protocol. Arpon is a daemon based on the Arp handling mechanism in kernel space that
uses different policies either in static environments (Static Arp Inspection
algorythm), or in DHCP dynamic ones (Dynamic Arp Inspection algorythm). Arpon is written as a user space tool so it can work on posix platforms: infact it is extensively tested on platform such as Max OS X, FreeBSD, OpenBSD,
NetBSD and Linux.

Today I suggest you to have a look at the project, because I think it has
great potentiality, the only competitor on the market being Cisco's DAI on Catalyst 4500 devices (which uses DHCP to securify ARP; Arpon just uses
the standard kspace protocol implementation instead).

Furthermore, Arpon is Open Source software.

Links: http://arpon.sourceforge.net/ http://arpon.sourceforge.net/documentation.html http://arpon.svn.sourceforge.net/viewvc/arpon/

Thanks for the attention, I hope in your interest. Cordially,
Andrea.



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/