[Olsr-dev] ARP prevention!
Andrea Di Pasquale
Sat Aug 13 22:53:38 CEST 2011
I want to do a port of ArpON (www: http://arpon.sourceforge.net) for OLSRd project for securing MAC layer (IPv4 environment) against Man In The Middle attacks through ARP Spoofing attack and his derived attacks.
ArpON (ARP handler inspection) is:
a portable handler daemon that make ARP protocol secure in order to avoid the Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks. It blocks also the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.
This is possible using three kinds of anti ARP Spoofing tecniques: the first is based on SARPI or "Static ARP Inspection" in statically configured networks without DHCP; the second on DARPI or "Dynamic ARP Inspection" in dynamically configured networks having DHCP; the third on HARPI or "Hybrid ARP Inspection" in "hybrid" networks, that is in statically and dynamically (DHCP) configured networks together.
ArpON is therefore a proactive point to point and multipoint based solution that requires a daemon in every host of the connection and that doesn't modify the classic ARP standard base protocol by IETF, but rather sets precise policies by using SARPI for static networks, DARPI for dynamic networks and HARPI for hybrid networks thus making today's standardized protocol working and secure from any foreign intrusion.
ArpON is a host-based solution (it works with hosts cooperation) and a multipoint environment is a mesh environment and ArpON works very well on this.
Is you interest (OLSRd team) this protection on OLSRd network?
More information about the Olsr-dev