Network Protection: Firewall, NAT, QoS, & IPS How to Prevent ARP Spoofing?

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 3 replies
Subscribers 2 subscribers
Views 5496 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to Prevent ARP Spoofing?

tscott_16 over 10 years ago

How can I configure UTM to prevent ARP spoofing, such as with apps like Cain & Abel and Debookee?

This thread was automatically locked due to age.

Parents

0 BarryG over 10 years ago

Hi, if you're worried about your internal network, this kind of attack occurs on the switching layer and the traffic does not pass through the firewall before the attack.

i.e. you need to implement protections in the switches.

Conceivably, the IPS or ARPWATCH could alert on suspicious ARP traffic, but could not block it.
(You could install ARPWATCH on another internal system.)

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BarryG over 10 years ago

Hi, if you're worried about your internal network, this kind of attack occurs on the switching layer and the traffic does not pass through the firewall before the attack.

i.e. you need to implement protections in the switches.

Conceivably, the IPS or ARPWATCH could alert on suspicious ARP traffic, but could not block it.
(You could install ARPWATCH on another internal system.)

Barry
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 tscott_16 over 10 years ago in reply to BarryG

this kind of attack occurs on the switching layer and the traffic does not pass through the firewall before the attack.

Ah, you're right. I didn't think about that. I'll look into these options.
Thanks.
Cancel
Vote Up 0 Vote Down

Cancel