S-ARP is a Permanent Solution to ARP Spoofing Attacks

1538 Words Feb 21st, 2018 6 Pages
How can ARP spoofing attack be controlled permanently? What are the drawbacks of S-ARP protocol, Static MAC Entries, Kernel based patches?
Answer:
1.1.1 Secure ARP Protocol (S-ARP)
This has been proposed as a replacement for the ARP protocol in [10]. The S-ARP protocol is definitely a permanent solution to ARP spoofing but the biggest drawback is that we will have to make changes to the network stack of all the hosts. This is not very scalable as going for a stack upgrade across all available operating systems is something both vendors and customers will not be happy about. As S-ARP uses Digital Signature Algorithm (DSA) we have the additional overhead of cryptographic calculations though the authors of the paper have claimed that this overhead is not significant.
1.1.2 Static MAC Entries Adding static MAC addresses on every host for all other hosts will not allow spoofing but is not a scalable solution at all and managing all these entries is a full time job by itself. This can fail miserably if mobile hosts such as laptops are periodically introduced into the network. Also some operating systems are known to overwrite static ARP entries if they receive Gratuitous ARP packets (GARP).
1.1.3 Kernel Based Patches Kernel based patches such as Anticap[11] and Antidote[12] have made an at- tempt to protect from ARP spoofing at a individual host level. Anticap[11] does not allow updating of the host ARP cache by an ARP reply that carries a differ- ent MAC address then…
Open Document