Change default gateway ip out of your pool range to disable arp poison
-
hellow guys,
I tried to change the default gate way in lan side to prevent arp poison programm such as netcut to work
note: in pfsense here you can't change your default gateway in dhcp server with ip differ from your pool range so here is the tutorials
1- first got to firewall>>virtual ip and add new virtual ip
2- choose IP Alias and choose lan and enter your fake ip then save & apply changes
3- go to services >> dhcp server and enter in the default gateway your fake ip you created before and save
it will accept the ip
any one can try and return back with the result
-
I tried to change the default gate way in lan side to prevent arp poison programm such as netcut to work
Can you please explain how that prevention works?
-
@P3R:
I tried to change the default gate way in lan side to prevent arp poison programm such as netcut to work
Can you please explain how that prevention works?
it send to the client the fake gate way so when the netcut search will not find the real gate way to poison
-
I don't see how this is going to prevent arp poisoning.
The alias you created has the same MAC address as the real gateway. -
Maybe option to spoof MAC in VIP could be an option??
