Overview

ArpON is a Proactive based solution and it defines the policies between all hosts on preventing Man In The Middle through ARP spoofing, ARP Cache Poisoning or ARP Poison Routing (APR).

ArpON don't use a centralized server or encryption. It uses an authentication of type cooperative between the hosts based on the policies that all hosts with ArpON must respect. These policies allow exactly total protection by these attacks for all hosts that use ArpON.

To understand these policies, you need to understand the final algorithm called HARPI and HARPI is like a puzzle. To understand HARPI, you need to understand the pieces of SARPI and DARPI. Finally, HARPI combines SARPI and DARPI in an one protocol solution.

SARPI :: Static ARP inspection

SARPI detects and blocks Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks and it is countermeasure against these attacks and the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.

This algorithm is therefore a Point-to-Point, Point-to-Multipoint and Multipoint based solution that requires a daemon in every host of the connection for authenticate each host through an authentication of type cooperative between the hosts.

It manages a list with static entries, making it an optimal choice in those statically configured networks without DHCP.

DARPI :: Dynamic ARP inspection

DARPI detects and blocks Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks and it is countermeasure against these attacks and the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.

This algorithm is therefore a Point-to-Point, Point-to-Multipoint and Multipoint based solution that requires a daemon in every host of the connection for authenticate each host through an authentication of type cooperative between the hosts.

It manages uniquely a list with dynamic entries. Therefore it's an optimal solution in dynamically configured networks having DHCP.

HARPI :: Hybrid ARP inspection

HARPI detects and blocks Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks and it is countermeasure against these attacks and the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.

This algorithm is therefore a Point-to-Point, Point-to-Multipoint and Multipoint based solution that requires a daemon in every host of the connection for authenticate each host through an authentication of type cooperative between the hosts.

It manages two lists simultaneously: a list with static entries and a list with dynamic entries. Therefore it's an optimal solution in statically and dynamically (DHCP) configured networks together.