ARP defense under Linux
There are 2 ways of ARP attack
The first is to mislead your serverlinux anti-arp attack, telling you that the MAC of the network segment is another.
The second is to mislead the network segment linux video, telling the network segment that the MAC of your server is another one.
For the first type, you can use the arp-s network segment IP network segment MAC command to set up static arp record defense
For the second method, you can use the following method
Linux security hardening, since it is source code compilation, I won’t talk about it later. Go check out the specific software packages required for ubuntu source code installation
tarzxvf-
cd-/
sudo./configure
sudomake
If you are prompted that the command is insufficient, you can use apt-getinstallmake to install it
sudomakeinstall
During the compilation processLinux anti-arp attack, some warnings will be prompted, it doesn't matter. In short, after installation, just have /usr/lib/.a
Install arpoison afterwards
tarxvfarpoison-
cdarpoison/
sudogcc/usr/lib/.a-oarpoison
There may be a prompt that the file does not exist, which can be solved by replacing /usr/lib with /usr/local/lib
sudomvarpoison/usr/sbin
sudogcc/usr/lib/.a-oarpoison
sudomvarpoison/usr/sbin
After the installation is complete, you can use the following command
sudoarpoisonUsage:-i-d-s-t-r[-a][-wtimebetweenpackets][-nnumbertosend]
Parameter description
-i specifies the network card socket eth0 that sends arp packets
-d
-s
The above is the detailed content of Two forms of ARP attacks and defense methods, detailed analysis. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
