Non importa quanto io google non riesco a ottenere una risposta definitiva.
-
Voci ARP statiche:
Static ARP addresses prevent only simple attacks and do not scale on a large network, since the mapping has to be set for each pair of machines resulting in n^2-n ARP entries that have to be configured when n machines are present: On every machine there must be an ARP entry for every other machine on the network, which are n-1 ARP entries on each of the n machines. While static entries provide some security against spoofing if the operating system handles them correctly, they result in maintenance efforts as address mappings of all systems in the network have to be distributed.
-
Software di rilevamento ARP:
This method is pretty useless. There are very few ARP detection programs out there, and the few that do exist are either free junk or over priced. In addition, to use these programs on a windows machine requires installing special drivers for your wireless cards. Recommendation: Don’t use. http://lewiscomputerhowto.blogspot.com/2014/03/perform-man-in-middle-attack-with-kali.html
Quindi, se non funzionano né il software anti-ARP né le voci statiche ARP, come proteggi lo spoofing ARP in una grande rete?