Skip to content

Tomer-Rubinstein/ARP-Watch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
arpwatch.py
arpwatch.py
 
 

Repository files navigation

ARP-Watch

ARP-Watch is a software to prevent ARP Spoofing attacks on a network.

ARP Spoofing(/Poisoning) - Maliciously crafted ARP packets can pretend to be another device in the network (by overriding the MAC address in the ARP cache). Thus, an attacker can cause a MITM (man-in-the-middle) attack where he intercepts outgoing packets from the victim.

ARP-Watch solves this problem by saving a trusted copy of the ARP cache in memory, sniffs incoming ARP packets, to see for any change in the ARP cache and if there is, alert the user.

Moreover, if the program is running with the --heal flag, it will eventually discard any changes in the ARP cache.

Usage

$ python arpwatch.py --help
usage: arpwatch.py [-h] [--heal]

Sniff ARP packets and watch for ARP spoofing

optional arguments:
  -h, --help  show this help message and exit
  --heal      In occasion of ARP spoofing, replace the poisoned entry from the
              ARP cache with the previous trusted entry.

About

Watch for ARP Spoofing attempts on a network.

Topics

arp-spoof-detector

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages