0

Network topology:

Public AP <-WiFi-> Raspberry Pi (NAT #1) <-Ethernet-> WiFi AP (NAT #2) <-WiFi-> Clients

Situation: I'm connecting to a dormitory access point that's shared with a lot of other people. When the going gets tough, I do an ARP-spoof attack on the network using an Android app called "NetCut", or wifikill/netcut on Linux.

Lately, I've noticed someone else has apparently learned how to do such an attack.

As a client, with no access to the router (but root access on my own Linux machine), how do I circumvent an ARP spoof done by someone greedy?


Possible (but not applicable) duplicates:

Aloha
  • 910
  • 7
  • 14

1 Answers1

1

You could disable ARP completely: (assuming your network device is eth0) ip link set dev eth0 arp off Then, you will need to manually add static ARP entities to any host you want to talk to using the arp command.

However, the attacker could still spoof your address, such that the gateway or other hosts thinks that the attacker is you.

multithr3at3d
  • 12,355
  • 3
  • 29
  • 42