¨Apply system patches to fix vulnerable TCP/IP stacks and services ¨Install anti-spoof filters on routers to thwart Land attacks ¨Use static ARP tables to thwart ARP spoofing