What's new
Carbonite

South Africa's Top Online Tech Classifieds!
Register a free account today to become a member! (No Under 18's)
Home of C.U.D.

Protection from arp poisoning

Human1being

Member
Rating - 100%
7   0   0
Joined
Sep 14, 2018
Messages
150
Reaction score
21
Points
1,585
Age
26
Good day

I would like to ask if anyone can assist me. My parents have 2 flats attached to the house that they rent out as a lodge for extra income. I helped them with a network setup in terms of a powerline that is connected to the modem and then the other end is connected to a router that is in the roof of the two flats that is rented out.

Last night the WiFi went out in the flats and my parents asked me if I could help so I thought perhaps it was the usual thing like just switch it off and on or maybe the powerline things disconnected and just need to be synced again but nothing worked. The WiFi in the main house with the main modem and router extension both worked but the router in the flat didn't obtain a Internet connection. So anyway I offered to connect the guest to the main router for the time being. WiFi signal is much weaker but somewhat usable. I connected the guest to the main router and took the extension of the flats into the house and was going to just perform a factory reset on it etc etc but on my parents pc eset nod was detecting multiple arp poisoning attacks.

Now I read online you can prevent these attacks by assigning static ips and perform mac and ip binding however I set up the network for dynamic ips to be assigned. I can give my parents static ips but I'm not available 24/7 to now assist a guest that checks in to assign them a static ip.

Is there a way around this like a program that can be placed on a computer or perhaps a restriction to be placed on the router extension that is usually in the flats or is this simply just something that will occur if an attacker is connected to the main router?
 
Can't you just assign static IPs based on the Mac address of the pc's on the router?

example if mac = a then address = 10.0.0.51 etc?

This way you still use DHCP to assign addresses, but the specified machines will always have the same IP.
 
Can't you just assign static IPs based on the Mac address of the pc's on the router?

example if mac = a then address = 10.0.0.51 etc?

This way you still use DHCP to assign addresses, but the specified machines will always have the same IP.
I'll give it a shot. I've never done networking or things like this before. Just followed instructions online for the routers when I set it up for my parents. But thanks for the information. Will do some reading on it
 
Change Wifi password to 20 character sentence that includes special characters and numbers. MAC spoof beats MAC filter. I would hide SSID and use a few low powered AP's spread out in premises to achieve signal reach instead of a single powerful AP that some random can scan from 3 houses away and try hack.
 
Change Wifi password to 20 character sentence that includes special characters and numbers. MAC spoof beats MAC filter. I would hide SSID and use a few low powered AP's spread out in premises to achieve signal reach instead of a single powerful AP that some random can scan from 3 houses away and try hack.
Okay I can always give this a shot but not sure if this will help me as I did mention that we rent out the flats like a lodge vibe. So would it be that I hide the ssid of the main router in the house? But we provide internet to the people in the flats. I can do the Mac spoofing yes, did some research on it last night before replying.
 
Yes, hide the main SSID. You might need to help them connect new devices to main SSID wifi when needed, though. Try isolate flats wifi by making it a guest network (easy) or using VLANs (not so easy), if your router supports it, this way hacker can't get to main router via them.
 
Yes, hide the main SSID. You might need to help them connect new devices to main SSID wifi when needed, though. Try isolate flats wifi by making it a guest network (easy) or using VLANs (not so easy), if your router supports it, this way hacker can't get to main router via them.
@Moemfie_ZA did mention about the guest network and changing the password. I'll see if I can combine it with what I have done. Thanks man appreciate everything
 

Users who are viewing this thread

Latest posts

Back
Top Bottom