Results 1 to 2 of 2

Thread: Static ARP Table as defence against APR Poisoning

  1. #1
    Join Date

    Static ARP Table as defence against APR Poisoning

    I am running Opnsense firewall. I have static ARP entries set to "required" and setup each client with DHCP / mac address filtering and ARP entry. I also have option for "deny unknown clients" DHCP.

    Now I setup an ARP poisoning attack using Ettercap between 1 client and the firewall. The attack is successful.

    On the client machine arp -a shows that the MAC address of the firewall changes to Ettercap's address however on the Opnsense box the MAC address of the client stays the same (ie is the real MAC of the client not the ettercap address).

    So only the client needs the ARP poisoning to be successful ?

  2. #2
    Join Date
    At the ethernet layer, all addressing is done with MAC addresses, so 'spoofing' a MAC address can make any machine appear as another, thats the point...
    You need to read up on the basics of networking..

Similar Threads

  1. Nethunter self defence
    By ping in forum NetHunter Suggestions
    Replies: 1
    Last Post: 2015-03-24, 07:52
  2. ARP Poisoning not working on N7 2013?
    By thecapitalr in forum ARM Archive
    Replies: 1
    Last Post: 2013-11-09, 23:13

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts