kaka81 0 Posted May 13, 2015 Posted May 13, 2015 Hello, a few days ago I installed ERA and rolled out Eset Endpoint Security to my clients (~70). Now I got on every client permanent warning: 1) ARP Cache Poisoning Attack, Source 192.168.0.1 (this is our PDC), Target *IP-Adress of Client*, Protocol ARP 2) Identical IP-Adress located in network -> this can't be true because we use an DHCP-Server and every IP address is uses only once in our network Any idea how I can fix this issue(s)? Thank you. Cheers, Christoph
Administrators Marcos 5,741 Posted May 18, 2015 Administrators Posted May 18, 2015 Couldn't it be that you have 2 network cards installed in the server? It would explain both the ARP cache poisoning attack detection as well identical IP address detection. As it is a trusted device, you can edit the policy applied on clients and create an IDS exception as shown below:
Recommended Posts