1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Prevent ARP Poisoning?

Discussion in 'Tomato Firmware' started by -=Renegade=-, Jun 28, 2009.

  1. -=Renegade=-

    -=Renegade=- Addicted to LI Member

    Hey folks.


    Does Tomato detect any attempts of ARP Poisoning by default?
    And does static DHCP help out?


    Thanks in Advance
     
  2. Toastman

    Toastman Super Moderator Staff Member Member

    No, it doesn't.

    Also, static DHCP by itself doesn't help. What will help is often known as ARP binding, google it for info. You do need to set an IP by Static DHCP first, then enable binding. Victek's mod has it, you might do a little research and give it a try!

    http://www.linksysinfo.org/forums/showthread.php?t=58571&highlight=IP/MAC+Victek

    http://www.linksysinfo.org/forums/showthread.php?t=57912

    TP-Link routers often have this function, this is how they use it:

    http://www.tp-link.com/support/showfaq.asp?id=170
     
  3. mstombs

    mstombs Network Guru Member

    The arp protocol is ancient, and has no security. I have no doubt you can attach a faster box and out-race a Tomato router for "Man in the middle" style hijacking of your network. Arp binding must help - the router will only communicate with known IP/MAC combination, but can't stop a known LAN client (or a clone of one) become the attacker.

    I believe arp-binding is useful to stop 'users' changing IP addresses to get around access restrictions/ rate limits

    Physical security of your wired LAN is the only real option.
     

Share This Page