[Olsr-users] ARP Question
Andrea Di Pasquale
(spam-protected)
Sat Aug 6 18:36:33 CEST 2011
Ok.
I want to do a port of ArpON for OLSRd project for securing MAC layer (IPv4 environment) against Man In The Middle attacks through ARP Spoofing attack.
ArpON (ARP handler inspection) is:
a portable handler daemon that make ARP protocol secure in order to avoid the Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks. It blocks also the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.
www: http://arpon.sourceforge.net/documentation.html
This is possible using three kinds of anti ARP Spoofing tecniques: the first is based on SARPI or "Static ARP Inspection" in statically configured networks without DHCP; the second on DARPI or "Dynamic ARP Inspection" in dynamically configured networks having DHCP; the third on HARPI or "Hybrid ARP Inspection" in "hybrid" networks, that is in statically and dynamically (DHCP) configured networks together.
www: http://arpon.sourceforge.net/algorithms.html
ArpON is therefore a proactive point to point and multipoint based solution that requires a daemon in every host of the connection and that doesn't modify the classic ARP standard base protocol by IETF, but rather sets precise policies by using SARPI for static networks, DARPI for dynamic networks and HARPI for hybrid networks thus making today's standardized protocol working and secure from any foreign intrusion.
www: http://arpon.sourceforge.net
So, ArpON is host-based solution and a multipoint environment is a mesh environment and ArpON works very well on this.
Is you interest (OLSRd team) this protection on OLSRd network?
Thank you,
Andrea
Il giorno 05/ago/2011, alle ore 22:58, Henning ha scritto:
> On Fri, 05.08.2011 22:49:56 Andrea Di Pasquale wrote:
>> Hi guys,
>>
>> I'm Andrea Di Pasquale, author of ArpON (http://arpon.sourceforge.net).
>> My question is: Does olsrd use the ARP cache in the management of the
>> routing?
> Normally OLSRd does nothing with ARP... but if you use the arprefresh plugin
> OLSRd will automatically setup the arpcache entries for the next hops.
>
> Henning Rogge
More information about the Olsr-users
mailing list