#!/bin/bash
# A fully customisable ARP spoofing detection script :)
#
# Copyright (C) 2008 vladz <vladz@devzero.fr>
#
# This tool will prevent yourself against Man-In-The-Middle attacks. For
# better usage run this script in a xterm:
#    $ xterm -e "/bin/bash mitm.sh"

f="/proc/net/arp"             # Dump file of the kernel ARP table
t=5                           # Time interval between two checks (in sec)
m="- WARNING - MITM detected" # Alert msg displayed when MITM occurs
d="+%y/%m/%d-%H:%M:%S"        # Date format style

while true; do 
   sleep ${t}; awk '{if(x[$4]++) exit 1;}' ${f} || \
   { printf "*** At %s %s ***\n" "`date ${d}`" "${m}"; cat ${f}; }
done