Title: Wireless network that prevents ARPspoofing - what are the settings?
Post by: bobby_here on June 23, 2012, 05:10:32 PM
What is the technical term for an open wireless network that prevents clients from using arpspoof and SSL Strip?
The Wireshark wlan0 display shows that the fake router is broadcasting ARP packets and that HTTP / TCP traffic is going through the MITM.
However, none of the traffic is stored by SSL Strip.
What are the settings that prevent logging by SSL Strip?
Title: Re: Wireless network that prevents ARPspoofing - what are the settings?
Post by: ajohnson on July 05, 2012, 10:08:29 PM
That's going to depend on your WAP/Controller. The terminology on the wired side is "Dynamic ARP Inspection (at least according to Cisco).
While Cisco-centric, this link might serve as a starting place for more information: http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob41dg/ch4_Secu.html#wp1019184
You'll notice that the next item on the page is "Peer to Peer Blocking," which prevents peers from communicating with each other in any way.