Local network are threatened by ARP spoofing attacks on a daily basis. Easy to use and powerful tools freely available on the internet allow anyone to perform ARP attacks and eavesdrop or manipulate all data flowing through a local network. Firewalls have insufficient and mostly no mechanisms to detect ARP spoofing attacks, leaving users on a local network vulnerable to espionage, data theft and worse. XArp has been developed to fight this threat. It performs advanced ARP attack detection mechanisms using active and passive methods. XArp aims at system administrators who want to monitor a network and individual users. Two different GUIs allow anyone from normal users over network administrators to researchers to use XArp's powerful capabilities. XArp is highly configurable for power users and provides preset security levels for everyday users and their need to protect their data. Packet inspection methods and configurable detection modules passively inspect the network traffic in search for indication of ARP attacks. Active methods send support packet inspection and actively verify the state of the network, giving all power needed to defend against ARP attacks.