I've found this nice tool for *nix systems called ArpON that helps detect and prevent ARP poisoning attacks, aka Man in the Middle attacks.  It can operate in several different modes, the two primary modes being SARPI and DARPI. 

SARPI stands for Static ARP Protection and in this mode, ArpON stores a static cache of all the ARP entries it finds and compares ARP replies on the network to this cache to check if the IP addresses match the existing entries.

DARPI stands for Dynamic ARP Protection.  Operating in DARPI mode assumes that entries may already be poisoned and creates a new ARP cache.  The way this mode works is a tad confusing so I won't go into much detail about it, rather I'll refer you to ArpON's own page describing both SARPI and DARPI in more detail.

I've been experimenting with this tool the past couple days and it seems that it does a good job of preventing MitM attacks.  I've poisoned my own network with ArpON running and the poisoning doesn't seem to take effect.  I'll be playing with it more and if I find any discrepancies, I'll make contact with the author and help resolve the issues and tell you about it so you can update if you have an older version.  BTW, if you're running a version of this you downloaded pre-June 3rd 2008, you should update.  a problem causing crashes in ArpON when poisoning was either enabled or disabled on the attacking machine was found and resolved.