<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/html1/DTD/html1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link REL="shortcut icon" HREF="favicon.ico"> <title> .: ArpON - Algorithms :. </title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="description" content="ArpON - ARP handler inspection" /> <link rel="stylesheet" href="style.css" type="text/css"> </head> <body class="color3"> <div id="contorno"> <br> </div> <div id="contorno1"> <fieldset class="main"> <br><br> <div id="question" align="center">.: ArpON algorithms :.</div><br> <br><br> <div id="tab2"> ArpON is a Proactive based solution and it defines the policies between all hosts on preventing Man In The Middle through ARP spoofing, ARP Cache Poisoning or ARP Poison Routing (APR). <br><br> ArpON don't use centralized server or encryption. It uses an authentication of type cooperative between the hosts based on the policies that all hosts with ArpON must respect. These policies allow exactly total protection by these attacks for all hosts that use ArpON. <br><br> To understand these policies, you need to understand the final algorithm called HARPI and HARPI is like a puzzle. To understand HARPI, you need to understand the pieces of SARPI and DARPI. Finally, HARPI combines SARPI and DARPI in an one protocol solution. </div> <br><br> <div id="question" align="center">.: SARPI - Static ARP inspection :.</div><br> <br> <div id="tab2"> SARPI detects and blocks Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks and it is countermeasure against these attacks and the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.<br><br> This algorithm is therefore a Point-to-Point, Point-to-Multipoint and Multipoint based solution that requires a daemon in every host of the connection for authenticate each host through an authentication of type cooperative between the hosts.<br><br> It manages a list with static entries, making it an optimal choice in those statically configured networks without DHCP.<br> </div> <br> <div align="center"><a class="img" href="img/algo/SARPI.jpg"><img src="img/algo/SARPI2.jpg" title="SARPI diagram" border=0></a></div> <br><br> <div id="question" align="center">.: DARPI - Dynamic ARP inspection :.</div><br> <br> <div id="tab2"> DARPI detects and blocks Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks and it is countermeasure against these attacks and the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.<br><br> This algorithm is therefore a Point-to-Point, Point-to-Multipoint and Multipoint based solution that requires a daemon in every host of the connection for authenticate each host through an authentication of type cooperative between the hosts.<br><br> It manages uniquely a list with dynamic entries. Therefore it's an optimal solution in dynamically configured networks having DHCP.<br> </div> <br> <div align="center"><a class="img" href="img/algo/DARPI.jpg"><img src="img/algo/DARPI2.jpg" title="DARPI diagram" border=0></a></div> <br><br> <div id="question" align="center">.: HARPI - Hybrid ARP inspection :.</div><br> <br> <div id="tab2"> HARPI detects and blocks Man In The Middle (MITM) attack through ARP Spoofing, ARP Cache Poisoning, ARP Poison Routing (APR) attacks and it is countermeasure against these attacks and the derived attacks by it, which Sniffing, Hijacking, Injection, Filtering & co attacks for more complex derived attacks, as: DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.<br><br> This algorithm is therefore a Point-to-Point, Point-to-Multipoint and Multipoint based solution that requires a daemon in every host of the connection for authenticate each host through an authentication of type cooperative between the hosts.<br><br> It manages two lists simultaneously: a list with static entries and a list with dynamic entries. Therefore it's an optimal solution in statically and dynamically (DHCP) configured networks together.<br> </div> <br> <div align="center"><a class="img" href="img/algo/HARPI.jpg"><img src="img/algo/HARPI2.jpg" title="HARPI diagram" border=0></a></div> <br><br> </div> </fieldset> <div align="center">Copyright (C) 2008-2011 Andrea Di Pasquale <<a href="mailto:spikey.it@gmail.com"> spikey.it@gmail.com </a>></div> <div id="footer" style=" padding-bottom: 3px; padding-top: 3px;"> </div> </div> </body> </html>
