[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#492922: ITP: arpon -- arp handler inspection

On Tue, Jul 29, 2008 at 11:27:55PM +0200, Giuseppe Iuculano wrote:

>   Description     : arp handler inspection

That is not a short description, that is just the expansion of the

> ArpON (Arp handler inspectiON) is a portable handler daemon with some
> nice tools to handle all ARP aspects.
> It makes Arp a bit safer. This is possible using two kinds of anti Arp
> Poisoning tecniques, the first is based on SARPI or "Static Arp
> Inspection", the second on DARPI or "Dynamic Arp Inspection" approach.
> You can use ArpON to pentest some switched/hubbed LAN with/without DHCP
> protocol, in fact you can disable the daemon in order to use the tools
> to poison the ARP Cache

That is just ripped from the website. It is not very clear to me if this
is a stand-alone daemon or some command-line tools or both, if it works
as a real, bona-fide ARP daemon or if it is some kind of intrusion
detection tool or vulnerability scanner. Some words, like "pentest" and
"hubbed" do not exist in English as far as I know. Make sure
capitalisation is consistent. Please clarify the description. Try to get
upstream to clarify their description on the website as well. If you
haven't already done so, read

Other interesting things to know: How does arpon relate to existing
packages like arpalert, arping, arptables and farpd? Does it also
handle Neighbour Discovery packets (IPv6's equivalent of ARP)?

Met vriendelijke groet / with kind regards,
      Guus Sliepen <guus@debian.org>

Attachment: signature.asc
Description: Digital signature

Reply to: