Thehorse,

Yes, I was very surprised how easy it was to do a MITM attack. I always thought it was a complicated thing until I saw the tutorial made by Irongeek.
Since he didn't show any way to prevent it, I was hoping I would find some good answers here.

You mentioned your latest Cisco routers can prevent ARP poisoning. Is this done by what has already been mentioned in here, by fixed MAC/port settings and only allowing one MAC per port, or do they actually have a "check-box" for preventing ARP poisoning?

To give you a little background, I work at a college taking care of a bunch of webservers. I'm not responsible for the routers/network. But I think it's a big concern for the servers I'm responsible for, so I made these tests, and of course informed the network guy as well, to have him look in to this and hopefully fix it.

Thanks!