I know it's old news, but it's a very pretty way to protect against ARP Cache Poisoning. If you already know this code you'll see that a significant differences between the first code I made and this second one. [BOF] # -*- perl -*- # Script ID : farpce.pl - Force ARP Cache Entries Perl Script v. 0.4 # Date : Apr/06/2000 # Revisions : Apr/15/2000 # May/23/2000 # May/29/2001 # Author : Nelson Brito # E-mail : nelsonat_private use Getopt::Std; use Shell qw(arp); getopts('f:', \%o); $V = "0.4"; if($^O =~ /MSWin32/i){ @p = split(/\\/, $0); $0 = pop @p; $c = "-N"; } else{ $0 =~ s#.*/##; $c = "-i"; } print "--- $0 v. $V / Nelson Brito / Secunet AG ---\n"; $f = $o{'f'} ? $o{'f'} : f2($0); $m = f1($f) ? "Succed" : "Failed"; print $m . "!\n"; sub f1{ open(F, "<".$_[0]) or die "$0: $!\n"; foreach(<F>){ chomp; next if (/^\s*#/); next if (/^\s*$/); ((($i, $h, $I) = /\s*(.+?)\s+(\S+)\s*\s+(\S+)\s*/) == 3) or return 0; (split(/\./, $i) == 4) or return 0; (split(/:/, $h) == 6) or return 0; $h =~ y/:/-/ if ($^O =~ /MSWin32/); print "."; arp("-s", $i, $h, $c, $I); } close(F) or die "$0: $!\n"; return 1; } sub f2{ die <<_USAGE Usage: $_[0] [-f <arp-file>] Copyright © 2000, 2001 Nelson Brito<nelson\@SECUNET.COM.BR>. All rights reserved. _USAGE ; } # Making code as an ART! ;)) [EOF] Linux's ARP file example: #<IPAddr> <HWAddre> <Iface> 192.168.1.1 FF:DD:AA:00:00:44 eth0 Windows NT's ARP file example: #<IPAddr> <HWAddre> <Iface's IPAddr> 192.168.1.1 FF:DD:AA:00:00:44 192.168.1.69 Enjoy. Sem mais, -- # Nelson Brito # Security Analyst and Penetration Tester # Security Networks AG - The trust Company! # # Usage: cat <file> | perl .signature foreach(<STDIN>){chop;split(//,$_);print reverse @_;print "\n";}
This archive was generated by hypermail 2b30 : Tue May 29 2001 - 19:21:37 PDT