arp spoofing / poisoning

Unanswered Question
Oct 13th, 2008

Hi all, is there any way of protecting my network against arp poisoning attacks etc?

cheers

Carl

satish_zanjurne Mon, 10/13/2008 - 05:42

Hi,

DAI (Dynamic ARP Inspection) is the feature that will help you on switches & routers.

Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks.

Dynamic ARP inspection ensures that only valid ARP requests and responses are relayed. The switch performs these activities:

• Intercepts all ARP requests and responses on untrusted ports

• Verifies that each of these intercepted packets has a valid IP-to-MAC address binding before updating the local ARP cache or before forwarding the packet to the appropriate destination

• Drops invalid ARP packets

For PIX/ASA

ARP Inspection is the feature that prevents malicious users from impersonating other hosts or routers (known as ARP spoofing). ARP spoofing can enable a “man-in-the-middle” attack.

HTH...rate if helpful..
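
The three checks listed in the reply above, modelled as an added example that is not part of the original post and is not Cisco's implementation: a per-packet decision over raw ARP payloads. The binding table, port names, VLAN number and addresses are constructed assumptions.

```python
import struct
from ipaddress import IPv4Address

# Constructed sample data (assumptions, not from the original thread).
BINDINGS = {("10.0.0.1", 10): "00:11:22:33:44:01",   # gateway
            ("10.0.0.20", 10): "00:11:22:33:44:20"}  # workstation
TRUSTED_PORTS = {"Gi0/1"}  # uplink; every other port is untrusted
ARP_FMT = "!HHBBH6s4s6s4s"  # 28-byte Ethernet/IPv4 ARP payload

def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def mac_bytes(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))

def build_arp(op, sha, spa, tha, tpa) -> bytes:
    """Build an ARP payload in memory so the checker has packets to inspect."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       mac_bytes(sha), IPv4Address(spa).packed,
                       mac_bytes(tha), IPv4Address(tpa).packed)

def inspect_arp(port: str, vlan: int, payload: bytes):
    """Return (verdict, reason) for one ARP packet seen on a switch port."""
    if port in TRUSTED_PORTS:
        return "forward", "trusted port, not inspected"
    if len(payload) < 28:
        return "drop", "truncated ARP payload"
    htype, ptype, hlen, plen, op, sha, spa, _tha, _tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (1, 2):
        return "drop", "not a well-formed Ethernet/IPv4 ARP request or reply"
    sender_ip, sender_mac = str(IPv4Address(spa)), mac_str(sha)
    bound_mac = BINDINGS.get((sender_ip, vlan))
    if bound_mac is None:
        return "drop", f"no binding for {sender_ip} in VLAN {vlan}"
    if bound_mac != sender_mac:
        return "drop", f"{sender_ip} is bound to {bound_mac}, not {sender_mac}"
    return "forward", "sender IP-to-MAC matches binding"

if __name__ == "__main__":
    # A reply claiming the gateway's IP from a MAC that is not bound to it.
    bad = build_arp(2, "de:ad:be:ef:00:07", "10.0.0.1",
                    "00:11:22:33:44:20", "10.0.0.20")
    for port in ("Fa0/7", "Gi0/1"):
        print(port, inspect_arp(port, 10, bad))
```

The same mismatched reply is forwarded when it arrives on the trusted port, which is why only ports facing infrastructure you control should be marked trusted.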
