Jump to content

Permanent warnings

kaka81

By kaka81
in ESET Endpoint Products

 Share

Recommended Posts

kaka81

kaka81 0

Posted
Posted

Hello,

 

a few days ago I installed ERA and rolled out Eset Endpoint Security to my clients (~70).

Now I got on every client permanent warning:

1) ARP Cache Poisoning Attack, Source 192.168.0.1 (this is our PDC), Target *IP-Adress of Client*, Protocol ARP

2) Identical IP-Adress located in network -> this can't be true because we use an DHCP-Server and every IP address is uses only once in our network

 

Any idea how I can fix this issue(s)?

 

Thank you.

Cheers, Christoph

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,071

Posted
  • Administrators
Posted

Couldn't it be that you have 2 network cards installed in the server? It would explain both the ARP cache poisoning attack detection as well identical IP address detection. As it is a trusted device, you can edit the policy applied on clients and create an IDS exception as shown below:

 

post-10-0-13854900-1431969917_thumb.png

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...