Category: BSD
2008-03-11 23:07:09
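Today I saw a post about the ARP spoofing problem (a topic that has been discussed to death). I have replied to posts like it before, but those replies are hard to find again, so I am writing this down here where I can find it easily and others can read it too.
The software is located at /usr/ports/security/ipguard.
The short description is:
“Tool designed to protect LAN IP address space by ARP spoofing”,
The detailed description is: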
“ipguard listens network for ARP packets. All permitted MAC/IP pairs
listed in ‘ethers’ file. If it receives one with MAC/IP pair, which is
not listed in ‘ethers’ file, it will send ARP reply with configured
fake address. This will prevent not permitted host to work properly
in this ethernet segment. Especially Windows(TM) hosts.”
In other words, it uses a configured 'ethers' file to protect the computers on the network against ARP spoofing and attacks.
Output after installation:
===> INSTALL NOTES:
Now create /etc/ethers file (see ethers(5)) and then start ipguard:
(cd /usr/local/etc/rc.d && mv ipguard.sh.sample ipguard.sh &&
/usr/local/etc/rc.d/ipguard.sh start)
If you have not yet run make clean after installing:
cat /usr/ports/security/ipguard/work/ipguard-0.04/doc/ethers.sample
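shows a sample file, for reference.
Addendum:
The ipguard.sh startup script defaults to iface=fxp0; replace this with the name of the internal network interface on which you do NAT.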
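The allow-list decision that the quoted description attributes to ipguard (is an observed MAC/IP pair listed in 'ethers' or not) can be sketched as follows. This is an added example, not ipguard's own code; it assumes each 'ethers' line is a MAC followed by an IPv4 address, and the sample entries, function names and the finer-grained result labels are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample, assumed layout "<MAC> <IPv4>"; '#' starts a comment.
SAMPLE_ETHERS = """\
00:11:22:33:44:55 192.168.0.1    # gateway
0:a:b:c:d:e       192.168.0.10   # leading zeros omitted
00:AA:BB:CC:DD:02 192.168.0.11
"""

def norm_mac(mac):
    """Return a MAC as six zero-padded, lowercase hex octets."""
    parts = mac.strip().split(":")
    if len(parts) != 6 or not all(re.fullmatch(r"[0-9A-Fa-f]{1,2}", p) for p in parts):
        raise ValueError(f"bad MAC address: {mac!r}")
    return ":".join(f"{int(p, 16):02x}" for p in parts)

def parse_ethers(text):
    """Map each permitted IP to its MAC; a repeated IP is an error."""
    table = {}
    for n, line in enumerate(text.splitlines(), 1):
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        if len(fields) != 2:
            raise ValueError(f"line {n}: expected '<MAC> <IP>'")
        mac, ip = norm_mac(fields[0]), str(ipaddress.IPv4Address(fields[1]))
        if ip in table:
            raise ValueError(f"line {n}: duplicate entry for {ip}")
        table[ip] = mac
    return table

def check_pair(table, mac, ip):
    """Classify the sender (MAC, IP) pair taken from one ARP packet."""
    mac, ip = norm_mac(mac), str(ipaddress.IPv4Address(ip))
    if table.get(ip) == mac:
        return "permitted"
    if ip in table:
        return "mac-mismatch"   # listed IP announced by a different MAC
    if mac in table.values():
        return "ip-mismatch"    # listed MAC claiming an unlisted IP
    return "unlisted"

if __name__ == "__main__":
    table = parse_ethers(SAMPLE_ETHERS)
    # Constructed observations, as if read from captured ARP packets.
    for mac, ip in [("00:0A:0B:0C:0D:0E", "192.168.0.10"),
                    ("de:ad:be:ef:00:01", "192.168.0.1")]:
        print(mac, ip, check_pair(table, mac, ip))
```

Running the same parser over a real /etc/ethers before starting ipguard catches malformed or duplicate entries that would otherwise leave a legitimate host outside the permitted set.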