Professional Documents
Culture Documents
Detect Arp Poisoning
Detect Arp Poisoning
rm $logpath/arpwatch.log
arp -an | awk '{print $4}' | sort | uniq -c | grep -v ' 1 '
if [ "$?" -eq 0 ]
then
arp -an | awk '{print $4}' | sort | uniq -c | grep -v ' 1 ' >>
$logpath/arpwatch.log 2>&1
cat $logpath/arpwatch.log | mail -s 'Potential ARP Poisoning ALERT!'
your@email.com
else
echo -e "No potential ARP poisoning instances found..." >> $logpath/arpwatch.log
fi
# or use antiarp.exe