Patrick A.
asked • 12/19/23One option to mitigate ARP-Spoofing would be?
Andrew S. answered • 12/19/23
Computer Networking, CyberSecurity, CyberForensics. MSc, CEH, CISSP
One way of protecting against ARP spoofing is to use packet-filtering firewalls. Packet-filtering firewalls flag data packets from an address that is found twice in the network, as this duplication suggests the presence of someone disguising themselves as another host.
Jesse B. answered • 03/08/24
Learned IT the hard way so you don't have to!
In some situations, when routing of packets is not required, packets will likely not pass through a firewall. In this situation you really need some sort of local security software or firewall to catch this kind of attack.
Another way would be to use static ARP entries. If individual devices within your network all have known IP to MAC values, it makes it a lot more difficult for an attacker to even gain access to your network without an already known and allowed MAC address. In that situation it makes it a lot harder for them to even FIND an address that they can use for spoofing.
Get a free answer to a quick problem.
Most questions answered within 4 hours.
Choose an expert and meet online. No packages or subscriptions, pay only for the time you need.
Answers · 3
Answers · 1
Answers · 1
Answers · 5
Answers · 2
John C.
5.0 (1,448)
James C.
4.9 (227)
Julie B.
5 (140)
Jesse B.
When Andrew says "address", I think he specifically means MAC address. The issue is that when someone does ARP spoofing, they claim that their MAC address is the same as a legitimate server with a legitimate IP address. From there they can perform man-in-the-middle attacks and have traffic sent from one host to or through a host they control (for any number of nefarious reasons)03/08/24