cascamorto Guru


Joined: 28 Feb 2005 Posts: 373
Posted: Tue Mar 29, 2005 9:29 am Post subject: Arpstar
2 questions:
1) Does the fact that it's masked mean it's unstable? (Does anyone have it that can verify it's quite stable?)
2) Is it worth it? Not lots of people use this kind of security. Is that just cuz it's a kind of new attack and ppl aren't very aware of the threat yet?
_________________
The real world isn't what you thought it was going to be?
re-emerge it with gentoo linux!
c4 Guru

Joined: 21 Feb 2004 Posts: 312 Location: Sweden
Posted: Tue Mar 29, 2005 12:35 pm
1) After reading this post and the ArpStar webpage yesterday I decided to give the package a try. It compiled fine, and I could load the module to my kernel without any problems.
So far so good.
Currently running 2.6.9-r1 on my server.
_________________
AMD64 Gentoo Hardened server
AMD64 Xubuntu Desktop
X86 Dreamlinux Vaio laptop
Swi+ch n00b


Joined: 28 Mar 2005 Posts: 7
Posted: Wed Mar 30, 2005 5:01 pm
1) It should be masked, yes. It's still in development and just was released for the population to use a few months ago. I've been using it for over half a year now and I love it. One bug could still exist (hopefully it was fixed in the last release. It's very hard to duplicate and happens very rarely) that causes a kernel crash on dhcpcd. But again...this happens very rarely and is difficult to duplicate. I haven't had it happen since the last release a month ago though. Besides that it seems to be very stable. I don't even notice it's there...but it's doing its job.
I would highly encourage people who are thinking about using it to read the PDF that describes what it does and how it works. So you know what's going on in your own machine. There are a few module parameter settings that can be changed depending on how you want it to work that are described in the PDF and the README.
http://arpstar.sourceforge.net/docs/arpstar.pdf
2) Yes it's totally worth it. ARP poisoning is NOT a new attack. It actually occurs very frequently especially on wireless networks. The problem is that it's rather subtle and hard for the average user to notice. How often do you notice when your traffic is routed through a different machine? Hardly anyone monitors their arpcache and even programs that do this like arpwatch don't stop it. Hence the need for Arpstar.
Swi+ch
Westannex
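
Added example, not part of the original posts and not Arpstar code: the ARP-cache monitoring mentioned in the post above, as a sketch that compares two snapshots in Linux `/proc/net/arp` format and flags an IP whose MAC changed or one MAC answering for several IPs. The snapshots and function names are constructed for illustration; like arpwatch, this only detects and does not block.

```python
# Compare two /proc/net/arp snapshots and report signs of ARP poisoning (detection only).
from collections import defaultdict
# Constructed sample snapshots (not real captures).
BEFORE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.1.20     0x1         0x2         00:aa:bb:cc:dd:20     *        eth0
192.168.1.30     0x1         0x0         00:00:00:00:00:00     *        eth0
"""
AFTER = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:aa:bb:cc:dd:20     *        eth0
192.168.1.20     0x1         0x2         00:aa:bb:cc:dd:20     *        eth0
192.168.1.30     0x1         0x2         00:aa:bb:cc:dd:30     *        eth0
"""
ATF_COM = 0x02  # flag bit: entry is complete (has a resolved MAC)


def parse_arp(text):
    """Return {(device, ip): mac} for complete entries only."""
    table = {}
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue                            # ignore malformed rows
        ip, _hw, flags, mac, _mask, dev = fields
        if int(flags, 16) & ATF_COM:
            table[(dev, ip)] = mac.lower()
    return table


def find_anomalies(before, after):
    """Flag IPs whose MAC changed and MACs that answer for several IPs."""
    alerts = []
    for key, mac in sorted(after.items()):
        old = before.get(key)
        if old is not None and old != mac:      # new entries are not flagged
            alerts.append(("changed", key[1], old, mac))
    by_mac = defaultdict(list)
    for (dev, ip), mac in after.items():
        by_mac[(dev, mac)].append(ip)
    for (dev, mac), ips in sorted(by_mac.items()):
        if len(ips) > 1:
            alerts.append(("shared", mac, tuple(sorted(ips))))
    return alerts


if __name__ == "__main__":
    print(*find_anomalies(parse_arp(BEFORE), parse_arp(AFTER)), sep="\n")
```

Both alert types have benign causes (a replaced network card, proxy ARP, a multi-homed host), so an alert is a prompt to check the gateway's real MAC rather than proof of an attack.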