Jump to content

Recommended Posts

Posted

Hi,

Our current network is running on class C "192.168.10.x/24" and few of my clients receiving "ARP Cache Poisoning attack" when cross check it found out that the source and target within the trusted network which is 10.x/24 network.  

Steps taken: Have added our trusted network (given above) under IDS but seems not resolve.

 

Kindly advice further

Posted (edited)

Did you follow the steps given here depending on what EES version you have installed:

https://support.eset.com/en/kb7052-create-ids-exclusions-on-client-workstations-in-your-eset-endpoint-product-6x

Or, at the ERA level: https://support.eset.com/en/kb6624-create-ids-exclusions-in-eset-remote-administrator-6x

https://support.eset.com/en/kb7053-create-ids-exclusions-on-client-workstations-in-your-eset-endpoint-product-7x

Or, at the EMSC level: https://support.eset.com/en/kb7054-create-ids-exclusions-for-client-workstations-in-eset-security-management-center-7x

In reference to IDS exclusion details, you would be selecting the alert for ARP cache poisoning attack. The Remote IP address entered would be 10.x.x.0/24.

 

Edited by itman
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...