Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have been facing a problem from almost 15 days. Let me explain you what i have been facing.
I am using RHEL 5 Acting as DHCP, Squid Proxy, Firewall, Bandwidth Shaper. My server has IP Address 10.10.10.1
Now from any client when i execute this command (arp -a 10.10.10.1), i should get the Physicall Address of my Server,I am not getting Server's MAC Address, whenever i execute this command i get different MAC Address. I am not getting SAME Address everytime, getting differect MAC Address eveytime.
Now due to this PING to Server is breaking up and Internet stops Working.
Can anyone please tell me some Solutions.
I also made a script to get all the MAC Addresses Againt my Server's IP. I got more than 350 MAC Addresses.
As i dont know C Language so I dont know what this script will do but the description says
Quote:
OpenAAPD (0.1-beta) is an Anti Arp Poisoning Daemon for OpenBSD operating system which works with or without DHCP protocol support on the LAN networks without compromising the ARP protocol performances.
Arp is required for layer 2 Ethernet communications to function.. without it you can forget using Ethernet..
just fire up wireshark too see what I mean about arp..
Are you sure your Ethernet switch isn't defective ?
or do you have some other issue in the physical layer ? bad cabling, bad NIC, etc..
It is because your network is infected by arp poisoning virus the solution for this problem is you have to implement static arps in the client and servers
This thread is rather old by now... I'd hesitate to jump to the conclusion that this is caused by arp poisoning. For starters, he's on RFC 1918 address space.
There are useful tools to help troubleshoot this sort of thing - e.g. arpwatch - but unless OP shows up again to revisit his previously dead thread, they're probably not worth discussing in detail.
I have successfuly resolved this problem long time ago...i have created a custom software that needs to be isntalled at client side that cleans every thing....
Also i have switched to VPN, which is not vulnerable to such attacks. So all my problems regarding ARP Poisoning and ARP Attacks are soleved.
I created that software on VB6.0 platform, and is still under contineous upgradation.
I have successfuly resolved this problem long time ago...i have created a custom software that needs to be isntalled at client side that cleans every thing....
Also i have switched to VPN, which is not vulnerable to such attacks. So all my problems regarding ARP Poisoning and ARP Attacks are soleved.
I created that software on VB6.0 platform, and is still under contineous upgradation.
Worldofaries, If you have a windows client on your LAN that is sending false arp responses, it may be infected and should be reinstalled. A client side vb program would have to be run as Administrator. I suspect that the user has admin rights, and that is the main problem that lead to the Windows client being infected in the first place. Reinstall windows and configure it so the user doesn't run as administrator. It would be better to fix the underlining cause instead of applying a bandaid IMHO.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.