Change default gateway ip out of your pool range to disable arp poison



  • hellow guys,

    I tried to change the default gate way in lan side to prevent arp poison programm such as netcut to work

    note: in pfsense here you can't change your default gateway in dhcp server with ip differ from your pool range so here is the tutorials

    1- first got to firewall>>virtual ip  and add new virtual ip

    2- choose IP Alias and choose lan and enter your fake ip then save & apply changes

    3- go to services >> dhcp server and enter in the default gateway your fake ip you created before and save

    it will accept the ip

    any one can try and return back with the result



  • @mohandshamada:

    I tried to change the default gate way in lan side to prevent arp poison programm such as netcut to work

    Can you please explain how that prevention works?



  • @P3R:

    @mohandshamada:

    I tried to change the default gate way in lan side to prevent arp poison programm such as netcut to work

    Can you please explain how that prevention works?

    it send to the client the fake gate way so when the netcut search will not find the real gate way to poison



  • I don't see how this is going to prevent arp poisoning.
    The alias you created has the same MAC address as the real gateway.


  • Banned

    Maybe option to spoof MAC in VIP could be an option??