The Sysadmin’s Daily Grind: Arpalert

ARP WATCH

Article from Issue 73/2006

Author(s): CHARLY KÜHNAST

Corporate policies prohibit the unauthorized connection of hardware to the company network, threatening dire consequences in the case of non-compliance. Fair enough, but how do you actually go about catching somebody trying to plug an illegal laptop into your Ethernet?

My choice for a faithful watchdog is Arpalert [1]. Arpalert creator Thierry Fournier recommends the following incantation to send the beast off into the wild: ./configure --prefix=/usr/local make make install This series of commands puts the C program in /usr/local/sbin and the arpalert.conf configuration file in /usr/local/etc/arpalert. No Place Like Home For my initial experiments, I decided to use a network that gives me excellent visibility, such as the network in my home office. It’s the weekend, and my wife has gone down to the local library, so I shouldn’t have more than four of five computers on the network. I did the following to launch Arpalert: /usr/local/sbin/arpalert

Buy this article as PDF

Express-Checkout as PDF

Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES

SUBSCRIPTIONS

Print Subs

Digisubs

TABLET & SMARTPHONE APPS

US / Canada

UK / Australia

Related content

Perl: Monitoring MAC Addresses

They say darkness is the friend of thieves, but the Perl daemon in this month’s column illuminates dastardly deeds, exposing hidden activities and alerting the admin when things seem to be going awry.

more »
Charly's Column

If protocols were human beings, NNTP would be a kind and slightly confused person that always believes the best of other people – even if they drop trash in the mailbox. Postfilter gives NNTP a watchdog.

more »
Charly's Column

Leafnode is a Usenet server for small sites where just a few users need access to a large number of groups. The Leafnode server is designed to recover from errors autonomously and needs very little attention.

more »
Charly's Column

Some people don’t mind leaving traces of their IP address wherever they go, others prefer to use a tool like The Onion Router.

more »
Charly's Column

On vacation we may be happy just to check the position of the sun,but computers need a more accurate measure of time. Luckily, there are atomic clocks that can receive time signals by radio and off the Internet.

more »

comments powered by Disqus

Visit Our Shop

Trial Subscription

Digital Subscription

Subscribe

Direct Download

Read full article as PDF:

Charly_Column.pdf (87.03 kB)

News

Old Vulnerabilities Are Kept Alive Through Bad Configuration

HP's annual Cyber Risk report offers a bleak look at the state of IT.
Linus Torvalds Announces Linux 4.0

But what do the big numbers really mean?
Microsoft Frees CoreCLR

.NET , CoreCRL , open source

.NET Core execution engine is the basis for cross-platform .NET implementations.
New Trojan Attacks Linux Servers

Xnote

The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Cisco Releases Annual Security Report

Spammers go low-volume, and 90% of IE browsers are unpatched.
Zero Day Exploits Target Flash

Adobe scrambles to release patches for vulnerable Flash Player.
Intel Unveils Compute Stick

Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
Obama Proposes Personal Data Notification Law

New statute would require companies to report break-ins to consumers.
TGXf Project Warns of File Transfer through Screen Pixels

Weird data transfer technique avoids all standard security measures.
Industry Giants Announce a Fix for the Password Mess

FIDO alliance declares the beginning of the end for old-style login authentication.