linux poison RSS
linux poison Email

Howto Detect IP conflicts in Linux - IPwatchD

IPwatchD is simple daemon that uses libpcap to detect IP conflict on Linux. It can be configured to listen on one or more interfaces (alias interfaces are also supported) in active or passive mode. In active mode IPwatchD protects your host before IP takeover by answering Gratuitous ARP requests received from conflicting system. In passive mode it just records information about conflict through standard syslog interface.



To build IPwatchD from source code you will need gcc, libpcap and libnet1 installed in your system. For desktop notification support you will also need libnotify. On Ubuntu it should be sufficient to install following packages with all dependencies: # apt-get install build-essential libpcap-dev libnet1-dev libnotify-dev

Download IPwatchD 1.1.1 source from sourceforge project page.
Extract the code:
$ bunzip2 ipwatchd-1.1.1.tar.bz2
$ tar -xf ipwatchd-1.1.1.tar
$ cd ipwatchd-1.1.1/src
Build IPwatchD with the desktop notification support..
$ make ..or as a pure daemon: $ make daemon

Install IPwatchD as root with command: # make install
IPwatchD executable is installed into /usr/local/sbin and the configuration file is copied into /usr/local/etc.
Edit configuration file /usr/local/etc/ipwatchd.conf with your favourite editor to suite your needs.

Run IPwatchD as root with command:
# /usr/local/sbin/ipwatchd -c /usr/local/etc/ipwatchd.conf

Killall utility can be used to gracefully stop IPwatchD:
# killall ipwatchd


1 comments:

Post a Comment

Related Posts with Thumbnails