Network Security Monitoring with Arpwatch

Arpwatch is an amazingly useful tool that promiscuously listens on a specified interface for arp broadcasts.  It takes what it learns and saves the the output in a database for later reference in the following format. mac_address ip unix_date/time hostname It will take any changes/additions and log them to /var/log/messages as well as optionally emailing […]