ScottWStewart 2 Posted November 13, 2017 Share Posted November 13, 2017 One computer on my network is being detected by other PCs as sending an ARP cache poisoning attack. The computer that is being detected as sending an ARP attack has the latest ESET Enpoint Security and defs. One note, the user that uses this work station complains about the PC being slow. Below is details and screenshot from ESET Remote Administrator. Thanks in advance Computer Name accounting3-pc COMPUTER DESCRIPTION THREAT NAME RULE NAME RULE ID OCCURRED 2017 Nov 13 10:33:39 EVENT Detected ARP cache poisoning attack SOURCE ADDRESS 10.19.67.96 SOURCE PORT 0 TARGET ADDRESS 10.19.67.75 TARGET PORT 0 PROTOCOL ARP INBOUND Yes PROCESS NAME ACCOUNT COUNT 3 Link to comment Share on other sites More sharing options...
Recommended Posts