Arpwatch

Arpwatch

Arpwatch is an open source software used for monitoring Address Resolution Protocol (ARP) traffic on a computer network. It keeps track of Ethernet/IP address pairings and reports changes, which can help detect certain types of attacks.
Network & Admin Network Monitoring
Arpwatch image
arp monitoring network security
Arpwatch alternatives ➤

Arpwatch: Open Source ARP Traffic Monitoring Software

Open source software for monitoring Address Resolution Protocol (ARP) traffic on computer networks, tracking Ethernet/IP address pairings and detecting changes.

What is Arpwatch?

Arpwatch is an open source monitoring software used to detect changes in ARP cache and log changes to the Address Resolution Protocol (ARP) traffic on a computer network. It works by keeping a database of Ethernet MAC addresses and matching IP addresses. Arpwatch then monitors ARP replies on the local subnet and compares them to the stored addresses to detect inconsistencies.

If Arpwatch detects a discrepancy between a MAC address and IP address pairing that it already has recorded, it will log this change as a potential security threat. Sudden or frequent ARP reply changes could indicate ARP spoofing, ARP cache poisoning, or other man-in-the-middle (MiTM) attacks on the network.

By efficiently monitoring ARP traffic, Arpwatch aims to serve as an early warning system against malicious network activity. Common uses include detecting unknown hosts on networks, preventing ARP-based denial of service attacks, and observing ARP replies for inconsistencies that could reflect ARP spoofing attempts. As an open source tool, Arpwatch is free to download and modify as needed.

Arpwatch Features

Features

  1. Monitors ARP traffic
  2. Maintains IP/MAC address mapping database
  3. Sends email alerts on changes to mappings
  4. Detects certain network attacks
  5. Command line and daemon modes

Pricing

  • Open Source

Pros

Open source

Lightweight

Easy to deploy

Detects ARP spoofing

Alerts on suspicious activity

Cons

Requires expertise to interpret alerts

No GUI

Limited reporting capabilities

Does not prevent attacks

Must be tuned for each network

Official Links

Official Website
https://ee.lbl.gov

The Best Arpwatch Alternatives

Top Network & Admin and Network Monitoring and other similar apps like Arpwatch

Here are some alternatives to Arpwatch:

NetCut icon
NetCut
WifiKill icon
WifiKill
TuxCut icon
TuxCut
ElmoCut icon
elmoCut
CSArp-Netcut icon
CSArp-Netcut
Suggest an alternative ❐

NetCut icon

NetCut

NetCut is a free network monitoring software utility developed by Arcai.com that enables users to monitor active connections on local networks and control bandwidth usage. Some key features of NetCut include:Real-time network activity monitoring - See all devices currently connected to your network, their IP and MAC addresses, sent and...
NetCut image
WifiKill icon

WifiKill

WifiKill is an open-source Android application that gives users control over their local WiFi network by allowing them to disable other devices' internet connections. It works by continually sending deauthentication packets to the target device's MAC address, disrupting their WiFi connection.This effectively kicks the device off the network temporarily until...
WifiKill image
TuxCut icon

TuxCut

TuxCut is a free and open source video editor for Linux operating systems. It provides a simple graphical user interface and basic video editing capabilities to perform tasks like trimming video clips, splitting larger videos into smaller pieces, joining multiple clips into a single video, applying filters, adding transitions between...
TuxCut image
ElmoCut icon

ElmoCut

elmoCut is a free and open source non-linear video editor for basic to advanced video editing tasks. It provides a simple yet powerful timeline based interface for video editing tasks like trimming, splicing, audio mixing, adding 2D/3D effects and transitions, authoring Blu-rays/DVDs and more.Some key features include:Support for wide range...
ElmoCut image
CSArp-Netcut icon

CSArp-Netcut

CSArp-Netcut is a free network monitoring and management utility for Windows. It provides advanced network analysis capabilities to help users understand what devices are connected to their network, view detailed information about each device such as IP and MAC addresses, monitor network traffic patterns, and troubleshoot connectivity issues.Some of the...
CSArp-Netcut image