Jump to content

Archived

This topic is now archived and is closed to further replies.

CDuarte

ARP Poisoning Attack

Recommended Posts

Good morning all,

 

Recently I keep getting a message when I log into my system.

 

"Detected ARP cache poisoning attack" and shows me the IP address for my Backup Drive

 

All the computers on my environment are using windows 7 and some use windows 8. But as for the backup drive, it is just that.

 

Can anyone give me a hand please. :o

 

Thank you,

 

Carlos

post-2447-0-05041200-1386345273_thumb.jpg

Share this post


Link to post
Share on other sites

Thank you very much for the reply. I will try that and see if that fixes my problem.

Share this post


Link to post
Share on other sites

With v7 excluding trusted IP addresses from IDS is much easier. When an attack is detected, you should be able to open a dialog allowing you to stop blocking attacks from the particular trusted IP address as follows:

 

post-10-0-99189000-1386351713_thumb.png

 

post-10-0-51146700-1386351714_thumb.png

 

 

Share this post


Link to post
Share on other sites

Hello Marcos

 

"Question", this opportunity to interact with a dialog window, does it not only counts for when the firewall is set to be interactive. I mean, you will not see this opportunity if the firewall is set to automatic filtering? ( If I have understood it correctly, you could swift to interactive firewall to resolve a situation , regarding a poisoning attack, and in those cases, where it is a know and trusted ip, for then to set your firewall in automatic mode with exceptions, if necessary.

 

Regards Janus

Share this post


Link to post
Share on other sites

Janus, when I was having my internet connection issues, I do believe I saw that dialog window pop up (hey, this is new) when I was busy changing out modems. I do not believe I was in interactive mode (as I try to use automatic-less thinking involved), but I could be mistaken.  

Share this post


Link to post
Share on other sites

No, the option to set an IP address as trusted upon attack detection shows up regardless of what firewall mode is used.

Share this post


Link to post
Share on other sites

Hello

 

TomFace and Marcos, thanks for the feedback on my post . Have a nice weekend,  to both of you :-))

 

Regards Janus

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×