Jump to content

ARP cache poisoning attack


Recommended Posts

My director keeps getting an ESET pop up saying:425341853_IMG-20210323-WA0003(1).thumb.jpg.f39ccea6a8d05b23a9da5e80f138d394.jpg

 

We think it may be her netgear box that is the problem. I have asked her to check if it is password protected like her router.

 

What should i do in response to the following message that then pops up? Any other info gratefukly received as her last laptop was sending spam from her email purporting to be from her. We have changed all her passwords but fear this may happen again

Thanks a lot

IMG-20210323-WA0003.thumb.jpg.5cb379a3aa41610ceebf52571d5febaf.jpg

Link to comment
Share on other sites

This is the second recent posting in regards to Netgear hardware.

It a Netgear Wi-Fi Extender installed on the network?

Link to comment
Share on other sites

yes, the signal was too weak from the router so they installed a wifi extender

 

Link to comment
Share on other sites

Refer to this posting with someone with the same issue: https://forum.eset.com/topic/27838-arp-cache-poisoning-notification-after-adding-extender/ .

You can exclude IPv4 local subnet addresses covered by extender by specifying their range in Eset IDS exclusion zone - see below screen shot. Also what appears to have worked for the other thread poster was to perform IPv4 network rest.

Eset_Zones.thumb.png.a8f232f9d8931f331c49550da772c651.png

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...