ArpON (ARP handler inspection) is a portable handler daemon that make ARP protocol secure in order to avoid the Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning or ARP Poison Routing (APR) attacks. It blocks also the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.

This is possible using three kinds of anti ARP Spoofing tecniques: the first is based on SARPI or "Static ARP Inspection" in statically configured networks without DHCP; the second on DARPI or "Dynamic ARP Inspection" in dynamically configured networks having DHCP; the third on HARPI or "Hybrid ARP Inspection" in "hybrid" networks, that is in statically and dynamically (DHCP) configured networks together.

ArpON is therefore a proactive Point-to-Point, Point-to-Multipoint and Multipoint based solution that requires a daemon in every host of the connection for authenticate each host through an authentication of type cooperative between the hosts and that doesn't modify the classic ARP standard base protocol by IETF, but rather sets precise policies by using SARPI for static networks, DARPI for dynamic networks and HARPI for hybrid networks thus making today's standardized protocol working and secure from any foreign intrusion.

Features

Support for interfaces:
Ethernet, Wireless

Manages the network interface with:
Unplug iface, Boot OS, Hibernation OS, Suspension OS

Proactive based solution for connections:
Point-to-Point, Point-to-Multipoint, Multipoint

Type of authentication for host:
Cooperative between the hosts

Support for networks:
Statically, Dynamically (DHCP), Hybrid network that is statically and dynamically

Retro compatible with:
Classic ARP standard base protocol by IETF

Support of Gratuitous ARP request and reply for:
Failover Cluster, Cluster with load-balancing, High-Availability (HA) Cluster

Blocks the Man In The Middle (MITM) attack through:
ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR)

Three kinds of anti ARP Spoofing tecniques:
SARPI or Static ARP Inspection, DARPI or Dynamic ARP Inspection, HARPI or Hybrid ARP Inspection

Blocks the derived attacks:
Sniffing, Hijacking, Injection, Filtering & co attacks

Blocks the complex derived attacks:
DNS Spoofing, WEB Spoofing, Session Hijacking, SSL/TLS Hijacking & co attacks

Tested against:
Ettercap, Cain & Abel, DSniff, Yersinia, scapy, netcut, Metasploit, arpspoof, sslsniff, sslstrip & co tools