COMODO - Anti-ARP spoofing attack - What is it?

Status
Not open for further replies.
aliali

aliali

Level 2
Thread author
Verified
Sep 7, 2016
76
What is ARP SPOOFING?

ARP.PNG
 
  • Like
Reactions: ZeroDay, aragornnnn, ravi prakash saini and 4 others
SHvFl

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,350
  • Enable anti-ARP spoofing - A gratuitous Address Resolution Protocol (ARP) frame is an ARP Reply that is broadcast to all machines in a network and is not in response to any ARP Request. When an ARP Reply is broadcast, all hosts are required to update their local ARP caches, whether or not the ARP Reply was in response to an ARP Request they had issued. Gratuitous ARP frames are important as they update your machine's ARP cache whenever there is a change to another machine on the network (for example, if a network card is replaced in a machine on the network, then a gratuitous ARP frame informs your machine of this change and requests to update your ARP cache so that data can be correctly routed). However, while ARP calls might be relevant to an ever shifting office network comprising many machines that need to keep each other updated , it is of far less relevance to, say, a single computer in your home network. Enabling this setting helps to block such requests - protecting the ARP cache from potentially malicious updates (Default = Disabled).
Click to expand...

From here
Firewall Behavior Settings, PC Firewall, Firewall Protection | Internet Security v6.2
 
  • Like
Reactions: ZeroDay, aragornnnn, Deleted member 2913 and 5 others
Svoll

Svoll

Level 13
Verified
Top Poster
Well-known
Nov 17, 2016
627
If you are networked, I would leave it disabled, if you are not, enabled it, it does prevent data frames attacks, someone stopping and modifying your network.

o_O how the hell did I do that, been hanging out too much at MT and with Mr. Penguin, SHvFI, frogboy, and tim one.
 
  • Like
Reactions: ZeroDay, aragornnnn, ravi prakash saini and 6 others
bunchuu

bunchuu

Level 8
Verified
Well-known
Mar 17, 2015
370
ARP spoofing is technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host, such as the default gateway, causing any traffic meant for that IP address to be sent to the attacker instead. credit to wikipedia

However, did your ever heard about netcut? It is free utility to deny wifi/Wlan access through ARP spoofing method. So basically, comodo will protect you from people who use netcut (or similar method) to dominate your router. :)
 
  • Like
Reactions: Solarlynx, aliali and ZeroDay
Status
Not open for further replies.

Similar threads

silversurfer
    • Like
    • Wow
    • +Reputation
Security News 300,000 Systems Vulnerable to New Loop DoS Attack
Replies
2
Views
4,030
Security News
cartaphilus
cartaphilus
Antig
Advice Request Malwarebytes WFC rule to block arp spoofing-LAN
Replies
0
Views
725
Malwarebytes
Antig
Antig
rashmi
    • Like
Serious Discussion What is your rationale for using "Auto-Containment" and not "Block"?
Replies
3
Views
307
Comodo
rashmi
rashmi

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top