Results 1 to 2 of 2

Thread: Static ARP Table as defence against APR Poisoning

  1. 2023-09-01 #1
    lovert
    lovert is offline Junior Member
    Join Date
    2023-Sep
    Posts
    1

    Static ARP Table as defence against APR Poisoning

    I am running Opnsense firewall. I have static ARP entries set to "required" and setup each client with DHCP / mac address filtering and ARP entry. I also have option for "deny unknown clients" DHCP.

    Now I setup an ARP poisoning attack using Ettercap between 1 client and the firewall. The attack is successful.

    On the client machine arp -a shows that the MAC address of the firewall changes to Ettercap's address however on the Opnsense box the MAC address of the client stays the same (ie is the real MAC of the client not the ettercap address).

    So only the client needs the ARP poisoning to be successful ?
    Reply With Quote Reply With Quote
  2. 2023-09-26 #2
    Fred Sheehan
    Fred Sheehan is offline Senior Member
    Join Date
    2021-May
    Location
    UK
    Posts
    772
    At the ethernet layer, all addressing is done with MAC addresses, so 'spoofing' a MAC address can make any machine appear as another, thats the point...
    You need to read up on the basics of networking..
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. Nethunter self defence
    By ping in forum NetHunter Suggestions
    Replies: 1
    Last Post: 2015-03-24, 07:52
  2. ARP Poisoning not working on N7 2013?
    By thecapitalr in forum ARM Archive
    Replies: 1
    Last Post: 2013-11-09, 23:13

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules