FreeBSD Bugzilla – Attachment 110778 Details for
Bug 151973
New port: security/arpCounterattack -- Detects and remedies ARP attacks
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
file.txt
file.txt (text/plain), 4.56 KB, created by
Boris Kochergin
on 2010-11-05 22:40:08 UTC
(
hide
)
Description:
file.txt
Filename:
MIME Type:
Creator:
Boris Kochergin
Created:
2010-11-05 22:40:08 UTC
Size:
4.56 KB
patch
obsolete
>#!/bin/sh ># This is a shell archive >echo x arpCounterattack >mkdir -p arpCounterattack > /dev/null 2>&1 >echo x arpCounterattack/files >mkdir -p arpCounterattack/files > /dev/null 2>&1 >echo x arpCounterattack/Makefile >sed 's/^X//' > arpCounterattack/Makefile << 'SHAR_END' >X# New ports collection makefile for: arpCounterattack >X# Date created: 05 November 2010 >X# Whom: Boris Kochergin <spawk@acm.poly.edu> >X# $FreeBSD$ >X# >X >XPORTNAME= arpCounterattack >XPORTVERSION= 1.2.0 >XCATEGORIES= security >XMASTER_SITES= http://isis.poly.edu/~bk/${PORTNAME}/ \ >X http://bk.macroblock.net/${PORTNAME}/ >XEXTRACT_SUFX= .tbz >X >XMAINTAINER= spawk@acm.poly.edu >XCOMMENT= Detects and remedies ARP attacks >X >XLIB_DEPENDS= dnet.1:${PORTSDIR}/net/libdnet >X >XSUB_FILES= pkg-message >X >XUSE_RC_SUBR= ${PORTNAME} >X >X.include <bsd.port.pre.mk> >X >X.if ${OSVERSION} < 700000 >XBROKEN= does not compile on 6.x (no ether_aton_r()) >X.endif >X >Xpost-install: >X @if [ ! -f ${PREFIX}/etc/${PORTNAME}/${PORTNAME}.conf ]; then \ >X ${CP} -p ${PREFIX}/etc/${PORTNAME}/${PORTNAME}.conf.sample \ >X ${PREFIX}/etc/${PORTNAME}/${PORTNAME}.conf ; \ >X fi >X @${CAT} ${PKGMESSAGE} >X >X.include <bsd.port.post.mk> >SHAR_END >echo x arpCounterattack/distinfo >sed 's/^X//' > arpCounterattack/distinfo << 'SHAR_END' >XMD5 (arpCounterattack-1.2.0.tbz) = e003370c9d90c3c7b24542897b6036db >XSHA256 (arpCounterattack-1.2.0.tbz) = 28cb61cb799871bbb10057fddbd7a445f10b27725eca088f370eeff157f88f3d >XSIZE (arpCounterattack-1.2.0.tbz) = 507939 >SHAR_END >echo x arpCounterattack/pkg-descr >sed 's/^X//' > arpCounterattack/pkg-descr << 'SHAR_END' >XarpCounterattack is a program for detecting and remedying "ARP attacks." It >Xmonitors traffic on any number of Ethernet interfaces and examines ARP replies >Xand gratuitous ARP requests. If it notices an ARP reply or gratuitous ARP >Xrequest that is in conflict with its notion of "correct" Ethernet/IP address >Xpairs, it logs the attack if logging is enabled, and, if the Ethernet >Xinterface that the attack was seen on is is configured as being in aggressive >Xmode, it sends out a gratuitous ARP request and a gratuitous ARP reply with >Xthe "correct" Ethernet/IP address pair in an attempt to reset the ARP tables >Xof hosts on the local network segment. The corrective gratuitous ARP request >Xand corrective gratuitous ARP reply can be sent from an Ethernet interface >Xother than the one that the attack was seen on. >X >XWWW: http://acm.poly.edu/wiki/ARP_Counterattack >X >X-Boris Kochergin <spawk@acm.poly.edu> >SHAR_END >echo x arpCounterattack/pkg-plist >sed 's/^X//' > arpCounterattack/pkg-plist << 'SHAR_END' >Xsbin/arpCounterattack >X@unexec if cmp -s %D/etc/arpCounterattack/arpCounterattack.conf.sample %D/etc/arpCounterattack/arpCounterattack.conf; then rm -f %D/etc/arpCounterattack/arpCounterattack.conf; fi >Xetc/arpCounterattack/arpCounterattack.conf.sample >X@exec if [ ! -f %D/etc/arpCounterattack/arpCounterattack.conf ] ; then cp -p %D/%F %B/arpCounterattack.conf; fi >Xetc/arpCounterattack/oui.txt >X@dirrmtry etc/arpCounterattack >SHAR_END >echo x arpCounterattack/files/pkg-message.in >sed 's/^X//' > arpCounterattack/files/pkg-message.in << 'SHAR_END' >X >XBefore starting arpCounterattack, you should edit its configuration file, >X%%PREFIX%%/etc/arpCounterattack/arpCounterattack.conf. Then, add the following >Xline to /etc/rc.conf: >X >Xarpcounterattack_enable="YES" >X >XFinally, to start it, run the following command: >X >X%%PREFIX%%/etc/rc.d/arpCounterattack start >X >SHAR_END >echo x arpCounterattack/files/arpCounterattack.in >sed 's/^X//' > arpCounterattack/files/arpCounterattack.in << 'SHAR_END' >X#!/bin/sh >X# $FreeBSD >X >X# PROVIDE: arpcounterattack >X# REQUIRE: DAEMON >X# BEFORE: LOGIN >X# KEYWORD: shutdown >X >X# Define these arpcounterattack_* variables in one of these files: >X# /etc/rc.conf >X# /etc/rc.conf.local >X# /etc/rc.conf.d/arpcounterattack >X# >X# DO NOT CHANGE THESE DEFAULT VALUES HERE >X# >Xarpcounterattack_enable="${arpcounterattack_enable-NO}" >Xarpcounterattack_pidfile="/var/run/arpCounterattack.pid" >X >X. /etc/rc.subr >X >Xname="arpcounterattack" >Xrcvar=`set_rcvar` >Xcommand="%%PREFIX%%/sbin/arpCounterattack" >X >Xload_rc_config $name >X >X: ${arpcounterattack_config="%%PREFIX%%/etc/arpCounterattack/arpCounterattack.conf"} >X: ${arpcounterattack_flags="-c ${arpcounterattack_config}"} >X >Xpidfile="${arpcounterattack_pidfile}" >Xrequired_files="${arpcounterattack_config}" >X >Xcase "${arpcounterattack_flags}" in >X*-p\ *) >X echo "ERROR: \$arpcounterattack_flags includes -p option." \ >X "Please use \$arpcounterattack_pidfile instead." >X exit 1 >X ;; >X*) >X arpcounterattack_flags="-p ${pidfile} ${arpcounterattack_flags}" >X ;; >Xesac >X >Xrun_rc_command "$1" >SHAR_END >exit
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=110778">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 151973
: 110778 |
110779
Working