antidote is a daemon for detecting ARP spoofing (sometimes called "poisoning") on a network and alerting appropriately. It's intended to form part of a sysadmin's armoury against hackers, crackers, script kiddies and other undesirables.
Here are some key features of "antidote":
· Report suspicious activity via email and syslog
· Check for and alert of MAC:IP mapping changes.
· Configurable threshold to define when ARP behaviour appears suspicious
What's New in This Release:
· Bug in searchbackwards prevented an item being ever found - Fixed.