Hi,

I'm trying to find a way to prevent ARP spoofing and sniffing on my switched network and generally secure it.

After some personal research I came to this result: buy an IDS and some sensors... (or convince my management that BSD and Snort will be able to do what we need atm, but I've close to no hope on this one).

Maybe some of you have good ideas/practices/software I can use. Some info on my setup:
- fully switched network,
- Cisco devices only (2924 --> 4006),
- VLANs used and deployed, so is VTP (...meaning the private VLAN feature from Cisco is a no-no for me).
Also, hardcoding the MAC address per port will give me nothing against the sniffing.

Thanks in advance.