Categories
Cloud Computing

Strong Network Security with ARPless – Hapless without ARPless?

In the realm of network security we tend to hear a lot of terms like “denial of service”, “man-in-the-middle”, or “session hijacking” and so on. For those deep into the networking and network security field, dealing with these terms is a real-life situation everyday.

Also, keeping up to date with the latest trends, software and solutions is a major part of the knowledge gathering practices.

Although it is near-impossible to have a 100% final solution to the serious issues of denial of service, man-in-the-middle, or session hijacking and similar others, SynchroKnot has approached the underlying cause to help substantially reduce and, in some cases, fully alleviate these issues.

For those unfamiliar, SynchroKnot software transforms any server, workstation, desktop or embedded device into a decentralized cloud or data center [data decenter] in minutes. You can use any commodity X86_64 Desktop/Workstation/Server/Embedded device and connect them to eachother. There is no need to purchase virtualization software [VMware, OpenStack, Hyper-V etc], switches & routers or storage [SAN/NAS].

ARPless is a part of SynchroKnot Spatial Defined Networking and works with the virtual machines of the tenants. It builds a secure vacuum of multi-dimensional layers of security starting with not allowing the virtual machine’s MAC address to be spoofed. Then, it only allows the communication between groups of virtual machines with their matching 28-bit Interstellar Identification assigned to their MAC addresses, and as a last step, securely and intelligently auto-responds to the virtual machines when they make an ARP request so that they always know who is who and where to go. This practically makes ARP spoofing, ARP cache poisoning, or ARP poison routing very difficult-to-impossible.

[It is advised to read the post earlier about Interstellars]

As an additional option, ARPless can be invoked with blockchain cryptography, which ensures that security policies, accountability and awareness are at the same level across the team(s), department(s) and organization(s).

Above is just a brief description. Below are some of the highlights:

■ ARPless creates a secure vacuum for trusted communication between virtual machines, and also with the existing physical infrastructure.

■ ARPless does not allow forced traffic diversion from poisoned ARP caches of virtual machines to reach undesired destination(s).

■ ARPless ignores requests from virtual machines that impersonate the original to force divert traffic or gain access.

■ ARPless securely and intelligently auto-responds to the virtual machines when they make an ARP request [ no agent / software needs to be installed inside the virtual machine(s) ]. It does not allow ARP requests from the virtual machines to get onto the network.

■ ARPless can further limit ARP traffic within the secure vacuum.

■ ARPless practically makes ARP spoofing, ARP cache poisoning, or ARP poison routing very difficult-to-impossible, which in turn substantially reduces the possibilities of other attacks stemming from it, such as denial of service, man-in-the-middle, or session hijacking.

■ ARPless intelligently handles and manages the following opcodes : 1 Request, 2 Reply, 3 Request_Reverse, 4 Reply_Reverse, 5 DRARP_Request, 6 DRARP_Reply, 7 DRARP_Error, 8 InARP_Request and 9 ARP_NAK

We have an excellent video to sharpen your skills at the link below.

■ Network Security with Arpless Interstellar

More information is available at:
■ synchroknot.com