.: ArpON algorithms :.
.: SARPI - Static ARP inspection :.
SARPI detects and blocks Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks and it is countermeasure against these attacks and the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.
This algorithm is therefore a point to point based solution and multipoint based solution that requires a daemon in every host of the connection.
It manages a list with static entries, making it an optimal choice in those statically configured networks without DHCP.
.: DARPI - Dynamic ARP inspection :.
DARPI detects and blocks Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks and it is countermeasure against these attacks and the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.
This algorithm is therefore a point to point based solution and multipoint based solution that requires a daemon in every host of the connection.
It manages uniquely a list with dynamic entries. Therefore it's an optimal solution in dinamically configured networks having DHCP.
.: HARPI - Hybrid ARP inspection :.
HARPI detects and blocks Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks and it is countermeasure against these attacks and the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.
This algorithm is therefore a point to point based solution and multipoint based solution that requires a daemon in every host of the connection.
It manages two lists simultaneously: a list with static entries and a list with dynamic entries. Therefore it's an optimal solution in statically and dynamically (DHCP) configured networks together.
Copyright (C) 2008-2011 Andrea Di Pasquale <
spikey.it@gmail.com
>