Autharp is a proposed extension to the ARP protocol to authenticate packets in order to avoid ARP Poisoning attacks.
ARP poisoning is a common attack at the Local Area Network level. By performing this attack, it is possible to either spoof a node on the network or to tap the line of communications between two hosts.
This attack is relatively easy to perform; there are a number of tools for several different operating systems that can do it (Ettercap, ArpToxin). The only requisite is the physical access to the affected network.
The solutions available require a compromise of network flexibility or expensive hardware requirements. AuthArp intends to provide a solution that is both secure and flexible by using public key authentication on ARP traffic.
The current implementation of AuthArp is a fully working proof-of-concept. It has been tested under Linux 2.4 and has the following requirements:
You can download a copy of the implementation here. The code is released under the GNU Public License.
Please send any comments to urtubia@mrbook.org