kaka81 0 Posted May 13, 2015 Share Posted May 13, 2015 Hello, a few days ago I installed ERA and rolled out Eset Endpoint Security to my clients (~70). Now I got on every client permanent warning: 1) ARP Cache Poisoning Attack, Source 192.168.0.1 (this is our PDC), Target *IP-Adress of Client*, Protocol ARP 2) Identical IP-Adress located in network -> this can't be true because we use an DHCP-Server and every IP address is uses only once in our network Any idea how I can fix this issue(s)? Thank you. Cheers, Christoph Link to comment Share on other sites More sharing options...
kaka81 0 Posted May 17, 2015 Author Share Posted May 17, 2015 No one? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,606 Posted May 18, 2015 Administrators Share Posted May 18, 2015 Couldn't it be that you have 2 network cards installed in the server? It would explain both the ARP cache poisoning attack detection as well identical IP address detection. As it is a trusted device, you can edit the policy applied on clients and create an IDS exception as shown below: Link to comment Share on other sites More sharing options...
Recommended Posts