ARP Poisoning and IP Duplicate Alerts

[User123 0]

Hello,

I’m getting lots of alerts about IP duplicate and ARP poisoning attack, I got at least 15 so far. I disconnected from my Wi-Fi, but each time I’m trying to reconnect to the WiFi and open the internet browser it shows me another alert of duplicate IP. I don’t trust this IP, even though according to your instructions the number of the IP is within the normal range.

What can I do? It’s urgent

 

[User123 0]

Just found out the IP address in The alerts is the same IP address of my LG smart TV, what does it mean?

[Marcos 5,070]

You can exclude the IP address from IDS detection. When you get the alert, you can change handling of future detections. You can also exclude the IP address from this particular detection in the IDS setup in the advanced setup. Also you can try right-clicking the detection record in the firewall log and selecting "Do not block similar event in the future".

[User123 0]

Thank you,

One last question - any idea why I don’t get those alerts when using Mozilla Firefox? I get this alerts only when using Chrome of Microsoft Edge.. is Mozilla Firefox not supported by Eset?

[Marcos 5,070]

11 hours ago, User123 said:

One last question - any idea why I don’t get those alerts when using Mozilla Firefox? I get this alerts only when using Chrome of Microsoft Edge.. is Mozilla Firefox not supported by Eset?

I, for one, don't see any connection between the IDS detection and using a browser. As far as browsers are concerned, ESET scans http(s) communication regardless of the browser and there is no connection with the IDS detection.