Network Security: Support for ARP Handler Inspection (arpon)

arpon should be added to UTM. You would need to add the ability to process the arpon.log file intelligently and escalate to the administrator accordingly.

http://arpon.sourceforge.net/

arpon would be useful in situations where users add unauthorized equipment to the network, or ARP poisoning/spoofing is taking place.

35 votes

Vote

Your email address

Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

Your name

I agree to the terms of service

Signed in as (Sign out)

You have left! (?) (thinking…)

Timeless Prototype shared this idea · Apr 4, 2011 · Flag idea as inappropriate… · Admin →

1 comment

Add a comment…

Your email address

Check!

invalid email

(thinking…)

Reset

or sign in with

UserVoice password

Forgot password?

Create a password

Your name

I agree to the terms of service

Signed in as (Sign out)

Submitting...

William Warren commented · April 7, 2011 11:22 a.m. · Flag as inappropriate · Delete

http://seclists.org/fulldisclosure/2011/Apr/69

This is endemic to ipv6 and is well known. Keep in mind this would NOT stop machine to machine direct spoofing but only machine to ASg or through ASG spoofing. The base default drop system of Astaro would take care of this issue as well.

Advanced Search Options

I suggest you ...

Network Security: Support for ARP Handler Inspection (arpon)

1 comment

Feedback

UTM (Formerly ASG) Feature Requests: Network Protection

Feedback and Knowledge Base

Searching…

Give feedback

Sophos Features & Ideas Laboratory

Astaro Security Gateway

Network Security

Web Security

Web Application Security

Mail Security

Information