Thread: Mac Spoofing - ARP msg
View Single Post
Old 27-02-2006, 11:26   #2
Gareth
Karateka
 
Gareth's Avatar
 
Join Date: Dec 2003
Age: 33
Posts: 7,098
Gareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny stars
Gareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny starsGareth has a pair of shiny stars
Re: Mac Spoofing - ARP msg
There's an xeplanation of why Sygate flags this on their website...
Quote:
Originally Posted by Sygate
By default, this option is disabled and cannot be changed in the Standard version, and is enabled and changeable in the Pro version of the Personal Firewall. Some hackers use MAC spoofing to attempt to hijack a communication session between two computers in order to hack one of the machines. MAC (media access control) addresses are hardware addresses that identify computers, servers, routers, etc. When Computer A wishes to communicate with Computer B, it may send an ARP (Address Resolution Protocol) packet to the computer.

The anti-MAC spoofing feature allows incoming and outgoing ARP traffic only if an ARP request was made to that specific host. It blocks all other unexpected ARP traffic and logs it in the security log.
Personally, I wouldn't put too much emphasis on it, and as your firewall is blocking it, I'd just ignore it.

---------- Post added at 11:26 ---------- Previous post was at 11:26 ----------

ps - to CF
Gareth is offline   Reply With Quote